Qubes/core-admin-client
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
10f15e6669
core-admin-client/qubesadmin/backup
History
Marek Marczykowski-Górecki 10f15e6669
backup/restore: reject uncommon compression filters and improve header validation 
Compression filter named in a backup header is executed in restore
environment (commonly dom0). While this field is properly authenticated,
there may be cases where backup archive comes from less
trusted source, like migrating from potentially compromised
system.

Modify backup header parsing code to add field specific validators.
Whitelist only know crypto, hmac and compression algorithms.

Based on a patch by Jean-Philippe Ouellet <jpo@vt.edu>
Reported-by: Jean-Philippe Ouellet <jpo@vt.edu>
2019-09-10 15:24:15 +02:00
..
__init__.py backup: move BackupRestore class and helpers to 'restore' submodule 2017-07-21 03:54:04 +02:00
core2.py doc: fix rst syntax in documentation, including docstrings 2018-12-08 23:53:55 +01:00
core3.py Fix typo 2018-09-14 14:48:22 -04:00
restore.py backup/restore: reject uncommon compression filters and improve header validation 2019-09-10 15:24:15 +02:00