From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 9EE921FF187 for ; Mon, 28 Jul 2025 11:58:25 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id A44591F1DA; Mon, 28 Jul 2025 11:59:47 +0200 (CEST) Date: Mon, 28 Jul 2025 11:59:40 +0200 From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= To: Proxmox VE development discussion References: <20250725154936.281471-1-f.weber@proxmox.com> In-Reply-To: <20250725154936.281471-1-f.weber@proxmox.com> MIME-Version: 1.0 User-Agent: astroid/0.16.0 (https://github.com/astroidmail/astroid) Message-Id: <1753696364.bhxw524hb8.astroid@yuna.none> X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1753696776121 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.047 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment RCVD_IN_VALIDITY_CERTIFIED_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_RPBL_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. RCVD_IN_VALIDITY_SAFE_BLOCKED 0.001 ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: Re: [pve-devel] [PATCH storage] plugin: volume snapshot info: untaint snapshot filename X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Cc: w.bumiller@proxmox.com Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" On July 25, 2025 5:48 pm, Friedrich Weber wrote: > Without untainting, offline-deleting a volume-chain snapshot on a > directory storage via the GUI fails with an "Insecure dependecy in > exec [...]" error, because volume_snapshot_delete uses the filename > its qemu-img invocation. > > Signed-off-by: Friedrich Weber > --- > > Notes: > I'm not too familiar with the taint mode. Allowing anything that > starts with a slash seems a little lax, but I don't know if we can do > any meaningful validation here -- let me know if we can. > > src/PVE/Storage/Plugin.pm | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/PVE/Storage/Plugin.pm b/src/PVE/Storage/Plugin.pm > index a817186..2bd05bd 100644 > --- a/src/PVE/Storage/Plugin.pm > +++ b/src/PVE/Storage/Plugin.pm > @@ -1789,6 +1789,7 @@ sub volume_snapshot_info { > my $snapshots = $json_decode; > for my $snap (@$snapshots) { > my $snapfile = $snap->{filename}; > + ($snapfile) = $snapfile =~ m|^(/.*)|; # untaint we also validate that the path matches our naming scheme below, but that is mostly concerned with the final component.. I called out that the references for backing images are not relative in a previous iteration of the qcow2 patch series, it seems that slipped through? right now, it's not possible to change the backing directory path of the storage, or the LVM VG without breaking all snapshot chains stored there because all the back references to snapshots are using absolute paths instead of relative ones.. if we fix that (and we probably should?), then the untainting RE here would become wrong again.. > my $snapname = $get_snapname_from_path->($volname, $snapfile); > #not a proxmox snapshot > next if !$snapname; _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel