zip backup restore incorrectly overwrites ownership

When restoring a backup in zip or zip_bzip2 formats, the restoreFileOwnership() function is called and changes ownership on everything under the web root but the log, ssl and web/stats directories. This will include all jailkit files (security implications) and backup files (quota implications?).

This should at minimum have a more complete blacklist of paths which will not be changed. Possibly it should additionally only include known paths.
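
The "only include known paths" approach from the report, as an added example that is not the project's own code: ownership is reset only inside an allowlist of site-content directories, excluded subtrees are pruned, and symlinks are never followed. The directory names, the sample tree and the function names are assumptions made for illustration.

```python
import os

# Assumed layout: top-level directories under the web root that hold
# site-owned content. Names are illustrative, not taken from the project.
ALLOWED_TOP_LEVEL = ("web", "private", "cgi-bin", "tmp")
# Subtrees inside allowed directories that keep their ownership anyway.
EXCLUDED_SUBPATHS = ("web/stats",)


def select_chown_targets(web_root, allowed=ALLOWED_TOP_LEVEL,
                         excluded=EXCLUDED_SUBPATHS):
    """Return relative paths whose ownership may be reset after a restore.

    Only known directories are walked, so jail files, backups, logs and
    certificates are untouched unless someone lists them explicitly.
    """
    targets = []
    for top in allowed:
        start = os.path.join(web_root, top)
        # A symlinked top-level directory could point outside the web root.
        if os.path.islink(start) or not os.path.isdir(start):
            continue
        for dirpath, dirnames, filenames in os.walk(start, followlinks=False):
            rel_dir = os.path.relpath(dirpath, web_root)
            # Prune excluded subtrees before os.walk descends into them.
            dirnames[:] = [d for d in dirnames
                           if os.path.join(rel_dir, d) not in excluded]
            targets.append(rel_dir)
            targets.extend(os.path.join(rel_dir, f) for f in filenames)
    return sorted(targets)


def restore_ownership(web_root, uid, gid):
    """Apply ownership to the selected paths without following symlinks."""
    for rel in select_chown_targets(web_root):
        os.lchown(os.path.join(web_root, rel), uid, gid)


def build_sample_tree(root):
    """Constructed sample layout for the demonstration."""
    for rel in ("web/index.php", "web/stats/report.html", "log/access.log",
                "ssl/site.key", "backup/site.zip", "bin/sh", "etc/passwd",
                "private/notes.txt"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()
    return root
```

With an allowlist, a directory added to the layout later stays untouched by default, whereas a blacklist has to be updated every time.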