Document external-decompressor-use-manifest flag for backup/restore security (#2076)

Co-authored-by: promptless[bot] <179508745+promptless[bot]@users.noreply.github.com>

Author: promptless[bot]

content/en/docs/24.0/user-guides/operating-vitess/backup-and-restore/overview.md

@@ -167,6 +167,15 @@ All three programs can be made aware of Backup Engine and Backup Storage using t
       <code>--external-decompressor "pigz -d -c"</code>
       </td>
     </tr>
+    <tr>
+      <td><code>external-decompressor-use-manifest</code></td>
+      <td>
+      Allows the decompressor command stored in the backup manifest to be used at restore time. 
+      This is disabled by default for security reasons: an attacker with write access to backup storage 
+      could modify the manifest to execute arbitrary commands on the tablet as the Vitess user. 
+      Only enable this flag if you trust your backup storage and understand the risks involved.
+      </td>
+    </tr>
     <tr>
       <td><code>file-backup-storage-root</code></td>
       <td>For the <code>file</code> plugin, this identifies the root directory