> Fiona Ebner <f.eb...@proxmox.com> hat am 12.09.2024 15:56 CEST geschrieben: > Am 12.09.24 um 14:43 schrieb Fabian Grünbichler: > > > also, for both tar and rsync we probably need to think about how to > > prevent bogus input here (which might be user-creatable if they have > > write access to the backup storage) from violating our assumptions.. > > > What assumptions do you mean exactly?
mainly things like symlinks/hardlinks in weird places, wrong looking dir layouts, containing file systems that don't belong (/dev , /proc, ..), stuff like that.. with vzdump backups, we have the reasonable assumption that backup archives are - well-formed (created by our code) - put there by an admin with raw storage access (can already do pretty much everything) with external backups, we don't know who can put what onto the backup storage, there's a lot more that can theoretically be snuck in (also by less-privileged users that have access to the backup storage), so it probably warrants extra caution.. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
