debc753f13
fix(security): replace os.popen/os.system with subprocess for command injection prevention
Replace all deprecated and unsafe command execution methods with
secure subprocess.run() calls using list arguments.
Changes:
- Replace os.popen() with subprocess.run() in tisbackup_gui.py
- Replace os.system() with subprocess.run() in tasks.py and backup_xva.py
- Add input validation for device/partition names (regex-based)
- Fix file operations to use context managers (with statement)
- Remove wildcard import from shutil
- Add timeout protection to all subprocess calls (5-30s)
- Improve error handling with proper try/except blocks
Security improvements:
- Prevent command injection vulnerabilities in USB disk operations
- Validate device paths with regex before system calls
- Use list arguments instead of shell=True to prevent injection
- Add proper error handling instead of silent failures
Code quality improvements:
- Replace deprecated os.popen() (deprecated since Python 2.6)
- Use context managers for file operations
- Remove wildcard imports for cleaner namespace
- Add comprehensive error handling and logging
Documentation:
- Add SECURITY_IMPROVEMENTS.md documenting all changes
- Document remaining security issues and recommendations
- Include testing recommendations and migration notes
BREAKING CHANGE: None - all changes are backward compatible
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-05 01:23:53 +02:00
586991bcf1
fix(tisbackup): fix iniparse wrong check
lint / docker (push) Has been cancelled
2025-04-14 23:37:16 +02:00
ddb5f3716d
Fix replace
lint / docker (push) Successful in 9m16s
2025-03-07 22:54:14 +01:00
b805f8387e
Fix re.compile / re.match warnings
lint / docker (push) Has been cancelled
2025-03-07 22:51:20 +01:00
737f9bea38
fix iniparse
lint / docker (push) Successful in 9m14s
fix code passing ruff linter
pre-commit ruff
pre-commit ruff format
2024-11-29 23:45:40 +01:00
7fcc5afc64
EOF & whitespace
2024-11-29 00:54:09 +01:00
99dc6e0abf
fix import
2024-11-28 23:46:48 +01:00
roondar
b9a3ad755a
fix: Do not use binary string in subprocess command
2023-03-08 17:58:06 +01:00
Francois PINOT
c74cc3802b
Set errors=ignore in the decode method, to avoid utf-8 codec errors on filenames with non-ascii characters
2022-12-26 14:02:49 +01:00
htouvet
bc4b9811ed
migrate to Python3 (from alejeune)
2022-04-25 10:02:43 +02:00
Kévin Guérineau
d079b542be
comment DSSKey and add ed25519
2020-11-20 14:13:27 +01:00
Vincent MAUGER
82ca9dfa35
change btrfs path
2020-11-20 14:13:25 +01:00
Jeremie Courreges-Anglas
26c45f3fe6
Stoopid unicode
2020-11-20 14:11:17 +01:00
Jeremie Courreges-Anglas
5a1e984a0b
Use pg_dump -Z to compress the output on the fly
Less temp files overhead, less space used in tmp_dir, and less code.
-Z is supported since PostgreSQL 7.1.
2020-11-20 14:11:16 +01:00
Jeremie Courreges-Anglas
e2c0e7e516
Respect tmp_dir, fixes temp files removal
2020-11-20 14:11:15 +01:00
Yohannès ALEMU
8aa63dbdd4
bug with written_files_count in backup rsync+ssh module
2019-01-03 15:47:22 +01:00
htouvet
e701575525
typo in gzipped pgsql dump filename
2018-02-21 09:38:52 +01:00
htouvet
b082796a87
fix register_existingbackups
fix tmp gzip for pgsqldump
2018-02-09 09:55:33 +01:00
htouvet
c29ad67075
add tmp_dir = '/tmp' and encoding = 'UTF8' parameters for the pgsql backup driver
2018-02-06 15:21:55 +01:00
htouvet
1190eb4d9d
Take per-section maximum_backup_age into account
2018-01-30 12:29:16 +01:00
ssamson-tis
076c07ff24
Overwrite gzip file
2017-09-21 14:34:07 +02:00
ssamson-tis
5e20cfffcc
fix wrong network label
2017-08-17 17:35:23 +02:00
ssamson-tis
2853903232
Fix export xva with Xenserver > 7.1
2017-07-24 18:23:15 +02:00
ssamson-tis
ce758e8129
fix DGS1210
2016-10-04 15:56:20 +02:00
ssamson-tis
32cef28497
add DGS1510
2016-10-04 14:21:59 +02:00
ssamson-tis
221f666ebd
ssh must not prompt interactively for a password, even if the key is wrong.
2016-05-12 12:14:13 +02:00
ssamson-tis
0e3892b755
remove duplicate code
2016-04-14 14:32:04 +02:00
ssamson-tis
f624d28f28
do the xen-metadata backup with an ssh key rather than with the password
2016-04-14 14:25:39 +02:00
ssamson-tis
c08bbd165b
- no need to logout
2016-03-04 17:29:02 +01:00
ssamson-tis
9465eb4c03
- add xen-password file with export pool-metadata
2016-02-08 14:24:34 +01:00
ssamson-tis
76f73416f0
- add xen-password file with export pool-metadata
2016-02-08 12:34:00 +01:00
ssamson-tis
411e287420
- fix import
2015-12-23 16:06:11 +01:00
ssamson-tis
81e1676ad8
- add backup Samba4 support
2015-12-23 15:27:36 +01:00
ssamson-tis
3d9bd21a7b
Revert "Revert "- fix use_compression""
This reverts commit 3a6b93c85d.
2015-12-23 11:43:28 +01:00
ssamson-tis
3a6b93c85d
Revert "- fix use_compression"
This reverts commit f88c9d1d06.
2015-12-23 11:42:55 +01:00
ssamson-tis
f88c9d1d06
- fix use_compression
2015-10-30 15:19:47 +01:00
ssamson-tis
dc53354ea2
- Suppress warning output
- Escape special character
2015-10-30 10:53:38 +01:00
ssamson-tis
e8708f1efa
Delete timeout with use_compression
2015-10-20 10:22:40 +02:00
ssamson-tis
55c92f0025
fix good destination vm parameter
2015-10-16 17:50:05 +02:00
ssamson-tis
a11396af41
Disable automatic boot for copies vm
2015-10-16 17:12:04 +02:00
ssamson-tis
44a4b5ea15
remove leading character in postgres databases
2015-09-30 16:28:34 +02:00
ssamson-tis
fe4081c7d3
change method to list all postgres databases
2015-09-30 16:14:25 +02:00
ssamson-tis
169602758e
Postgres database is optional
2015-09-24 16:57:49 +02:00
ssamson-tis
b248df8194
Merge branch 'master' of srvdev:tisbackup
2015-09-14 16:34:14 +02:00
ssamson-tis
9d4456faa4
add shutdown option to copy_vm_xcp
2015-09-14 16:33:31 +02:00
htouvet
e26612d2cf
added backup switch CISCO (tested on our 3750 only...)
backup running config and vlan config
2015-09-01 17:17:28 +02:00
ssamson-tis
efb08d757f
Compress xva export
2015-07-28 10:48:45 +02:00
ssamson-tis
34a918294f
fix: Create directory
2015-07-17 17:39:39 +02:00
ssamson-tis
aaa06bf4b9
Improve oracle backups
2015-07-17 17:27:42 +02:00
ssamson-tis
cae9a1a4dc
Type mysql: - add multiple database support
2015-07-10 10:56:22 +02:00