diff options
| author | Anton Khirnov <anton@khirnov.net> | 2020-10-18 17:12:39 +0200 |
|---|---|---|
| committer | Anton Khirnov <anton@khirnov.net> | 2020-10-18 17:12:39 +0200 |
| commit | 8a16f2b652c87594b8f195cb4c0de0b962b73ed2 (patch) | |
| tree | 1ea93fea9d5762295222f0b0dd2c1a90522b861f | |
| parent | fe134ec2f59514813e0d3df6daf5f35197e71230 (diff) | |
targets: add more docs
| -rw-r--r-- | lbup/targets.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lbup/targets.py b/lbup/targets.py index 2b4908f..e7e161e 100644 --- a/lbup/targets.py +++ b/lbup/targets.py @@ -207,6 +207,7 @@ class TargetSSHLVM(TargetSSH): This target backs up a remote host using LVM snapshots. All the dirs backed up must be on same LV. + Requires root login on the system. """ _snapshot_size = None @@ -367,6 +368,11 @@ class TargetSSHLXCLVM(TargetSSHLVM): :param SSHRemote parent_remote: """ + # The container is treated as untrusted, so all code here needs to be + # careful to avoid giving it access to anything it would not have otherwise. + # Specifically, any information obtained by running binaries in the + # container should be assumed to have been potentially maliciously + # manipulated. No binaries from the container should be run as the (host) root. _parent_remote = None _lxc_username = None _lxc_containername = None |