diff options
| -rw-r--r-- | lbup/targets.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/lbup/targets.py b/lbup/targets.py index 2b4908f..e7e161e 100644 --- a/lbup/targets.py +++ b/lbup/targets.py @@ -207,6 +207,7 @@ class TargetSSHLVM(TargetSSH): This target backs up a remote host using LVM snapshots. All the dirs backed up must be on same LV. + Requires root login on the system. """ _snapshot_size = None @@ -367,6 +368,11 @@ class TargetSSHLXCLVM(TargetSSHLVM): :param SSHRemote parent_remote: """ + # The container is treated as untrusted, so all code here needs to be + # careful to avoid giving it access to anything it would not have otherwise. + # Specifically, any information obtained by running binaries in the + # container should be assumed to have been potentially maliciously + # manipulated. No binaries from the container should be run as the (host) root. _parent_remote = None _lxc_username = None _lxc_containername = None |