Cruft file remover: GDPR features

[ottok]

The cruft file remover should scan for excess database dumps. If it finds any, it should list them and suggest to the user to delete them, as database dumps laying around are a potential leak risk and storing databases forever is against the principles of GDPR.

For the same reason it should also scan for different kind of site backups, backup recovery directories and site transfer packages etc. They contain all the site data and should not be stored forever.

Basically as long as customers only have one single database dump in /data/db/*.sql and the only backups are the ones we automatically purge at /data/backups the customers can be assured that their backup file handling follows the principles of GDPR and no data is left laying around forever.

For example if a user requests their data to be deleted from a WordPress site, site owners should delete them from WordPress, and eventually they get purged from all database dumps and backups as well – as long as there are no non-standard database dumps and backups somewhere.

[elguitar]

Is this still valid? Currently, the user is shown the following files and directories: https://github.com/Seravo/seravo-plugin/blob/e33b5471f1bda43e1f91b95132feb60eab39cde5/lib/cruftfiles-ajax.php#L81-L105

Or should there be a harsher warning about possibly violating GDPR?

[elguitar]

Thoughts?

[ottok]

Yes, let's implement a notification saying to the admin something like:

Files that are potentially security violating and unnecessary have been detected. Please [review] them.

Or the cruft remover page itself could have some longer explanation on why it is a bad idea to have excess .sql dumps around (e.g. the right to be deleted by users is violated).