Am 29.01.25 um 16:53 schrieb Filip Schauer:
> +my $map_fmt = {
> + node => get_standard_option('pve-node'),
> + path => {
> + description => "The path to the device node of the entropy source.",
> + type => 'string',
> + pattern => qr/^\/dev\/.+$/,
Style nit: could use | or ! as the regex delimiter to improve readability
Can we restrict this up-front somehow? I'd even be inclined to start out
with the enum we had in qemu-server. A generic path below /dev seems
prone to abuse at a first glance. Mapping.Modify for hardware RNG should
not ease access to other devices. And the check_rng_source() doesn't
currently offer any real protection either (just restricts the
/dev/hwrng case).
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
