63cc7f842e
- Add shquote() to escape single quotes in paths passed to remote_exec, preventing shell injection via REMOTE_BASE containing single quotes - Apply shquote to remote_exec calls in remotes.sh, backup.sh, transfer.sh, ssh.sh - Add DISK_USAGE_THRESHOLD validation in config.sh - Export SMTP_PASSWORD (was missing from export list) - Fix WEB_PORT default mismatch: use 2323 consistently in from_conf and settings save - Narrow exception catch in remotes.py disk info fetch to KeyError/LookupError - Quote REMOTE_KEY in build_rsync_ssh_cmd for paths with spaces Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
5.9 KiB
5.9 KiB