Can Kopia server protect data from a compromised client?

While reading "Is a safe `forget` command possible when the append-only client was compromised?" (Getting Help, restic forum), I realized I don't know if Kopia server protects (or can protect, by setting some configuration) against a client deleting its own snapshots (or messing with the retention policy in any way).

I run my Kopia server in a quite secure environment, but some of my clients aren't trustworthy (and that's the reason I take care of backups, especially in case of a ransomware attack).

Yes. With Kopia server you can define ACLs to prevent deletion of snapshots and changing of policies.

OK, but another concern in restic is that a user can create snapshots ahead in time; so if I create 1.000 empty snapshots, one per year, ahead in time, valid snapshots will be deleted. I don't know who (client or server) decides the snapshot time in Kopia.
If one client gets compromised and sends 1000 garbage snapshots, it will trigger my "last snapshots" rules, but my daily/weekly/monthly… will keep me safe.

BTW. Currently snapshot expiration/deletion in Kopia is done client-side, so by disallowing that operation, the user will accumulate snapshots forever, which is not ideal. We will need to move snapshot expiration to run server-side, and then yes - we must be careful to avoid this potential avenue of attack.
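
The retention concern raised in this thread, as an added example that is not part of any post and is not Kopia's or restic's code: a generic "keep the newest snapshot of each of the latest N years" rule, run first on client-claimed timestamps and then behind a server-side check against the server clock. The function names, the 10-minute skew allowance and the sample snapshots are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

def keep_annual(snapshots, keep):
    """Generic rule: keep the newest snapshot of each of the latest `keep` years.
    snapshots: list of (claimed_time, label). Returns the set of kept labels."""
    newest_per_year = {}
    for ts, label in snapshots:
        current = newest_per_year.get(ts.year)
        if current is None or ts > current[0]:
            newest_per_year[ts.year] = (ts, label)
    latest_years = sorted(newest_per_year, reverse=True)[:keep]
    return {newest_per_year[y][1] for y in latest_years}

def split_future(snapshots, server_now, max_skew=timedelta(minutes=10)):
    """Server-side guard (assumed design): snapshots whose claimed time is ahead
    of the server clock are set aside and never counted by retention."""
    limit = server_now + max_skew
    trusted = [s for s in snapshots if s[0] <= limit]
    suspect = [s for s in snapshots if s[0] > limit]
    return trusted, suspect

def demo():
    utc = timezone.utc
    server_now = datetime(2024, 6, 1, tzinfo=utc)  # constructed "today"
    # Constructed sample data: four genuine yearly snapshots ...
    real = [(datetime(y, 5, 1, tzinfo=utc), f"real-{y}") for y in range(2021, 2025)]
    # ... and ten empty snapshots a compromised client stamped with future years.
    forged = [(datetime(y, 1, 1, tzinfo=utc), f"forged-{y}") for y in range(2025, 2035)]

    # Retention that trusts client timestamps keeps only forged snapshots.
    naive = keep_annual(real + forged, keep=3)

    # Retention behind the clock check keeps the genuine ones and flags the rest.
    trusted, suspect = split_future(real + forged, server_now)
    guarded = keep_annual(trusted, keep=3)
    return naive, guarded, [label for _, label in suspect]

if __name__ == "__main__":
    naive, guarded, suspect = demo()
    print("trusting client time:", sorted(naive))
    print("with clock check    :", sorted(guarded))
    print("flagged for review  :", len(suspect), "snapshots")
```

The flagged list doubles as a detection signal: a client submitting snapshots dated ahead of the server clock is worth investigating before any expiration runs.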