v2 sent: https://lore.proxmox.com/pve-devel/20241104104221.228730-1-f.gruenbich...@proxmox.com
On August 9, 2024 1:22 pm, Fabian Grünbichler wrote: > this series of patches implements additional hardening when copying > potentially untrusted image files: > - extend file_size_info helper which already does most of the work > - add call to check imported volume in remote migration > - add/adapt calls for `import-from` handling in Qemu > > these are not problematic at the moment, and these patches just serve as > additional hardening: > - remote migration requires a special privilege, the source must already > be trusted > - import-from only allows importing volumes already on the storage, > which are not untrusted but created by PVE itself, or by a user with > root privileges > > the functionality in PVE::Storage should also be used for future > additions where untrusted image files are processed: > - Dominik's OVA import patch series > - arbitrary disk image upload/download features > > where not doing such checks might pose a security risk. > > pve-guest-common: > > Fabian Grünbichler (1): > storage tunnel: check just-imported image files > > src/PVE/StorageTunnel.pm | 7 +++++++ > 1 file changed, 7 insertions(+) > > pve-storage: > > Fabian Grünbichler (1): > file_size_info: implement untrusted mode > > src/PVE/Storage.pm | 4 ++-- > src/PVE/Storage/Plugin.pm | 35 ++++++++++++++++++++++++++++++----- > 2 files changed, 32 insertions(+), 7 deletions(-) > > qemu-server: > > Fabian Grünbichler (1): > disk import: add additional safeguards for imported image files > > PVE/API2/Qemu.pm | 15 ++++++++++++--- > 1 file changed, 12 insertions(+), 3 deletions(-) > > -- > 2.39.2 > > > > _______________________________________________ > pve-devel mailing list > pve-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
