From: Noel Ullreich <n.ullreich@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: Re: [pve-devel] [PATCH pve-storage/pve-manager v3 0/4] fix #623: show isos/vztmpl/snippets in subdirs
Date: Mon, 3 Jul 2023 14:11:31 +0200 [thread overview]
Message-ID: <d520e4c5-39d0-1abb-9263-8b6dde9f1c67@proxmox.com> (raw)
In-Reply-To: <20230615120329.28764-1-n.ullreich@proxmox.com>
Ping. Still applies
With me leaving at the end of the month, I want to make sure there is
plenty of time for my outstanding patches to be reviewed, updated, and
applied.
On 15-06-2023 14:03, Noel Ullreich wrote:
> This patch fixes #623, allowing isos/vztmpl/snippets in subdirectories.
> This feature is opt-in and can be set from the API, web interface or
> with `pvesm`.
>
> I addressed the security concerns raised by Fabian, now parent
> directories in the path (i.e. `/my/path/../somewhere/`) are forbidded.
> I have kept the permission to use symlinks, however, if this is a
> security issue, symlinks can easily be forbidden as well. This,
> however, would be a breaking change.
>
> parts of the tests as well as the regex for checking, if a `/../` is in
> the path have been taken and/or adapted from an older patch that was
> never merged:
> https://lists.proxmox.com/pipermail/pve-devel/2020-May/043622.html
>
> This is a complete rework from v1, so I don't see a point in writing
> what the differences are. It's all different.
>
> ----
> changes from v2:
> * rebased so that applying with new structure in pve-storage works
> (/PVE was moved to /src/PVE/)
> * fixed the path of the volid for snippets in Pluggin.pm (thanks @Markus)
>
> Noel Ullreich (4):
>
> pve-storage:
> recursively go through subdirs to find files
> add `subdir-depth` option to filesystems
> update test for recursive subdir search
>
> src/PVE/Storage.pm | 7 +++
> src/PVE/Storage/CIFSPlugin.pm | 1 +
> src/PVE/Storage/CephFSPlugin.pm | 1 +
> src/PVE/Storage/DirPlugin.pm | 1 +
> src/PVE/Storage/GlusterfsPlugin.pm | 1 +
> src/PVE/Storage/NFSPlugin.pm | 1 +
> src/PVE/Storage/Plugin.pm | 63 +++++++++++++++++----------
> src/test/filesystem_path_test.pm | 18 ++++++++
> src/test/list_volumes_test.pm | 68 ++++++++++++++++++++++++++++++
> src/test/parse_volname_test.pm | 40 ++++++++++++++++++
> 10 files changed, 179 insertions(+), 22 deletions(-)
>
> pve-manager:
> www/manager6/storage/Base.js | 11 +++++++++++
> 1 file changed, 11 insertions(+)
next prev parent reply other threads:[~2023-07-03 12:11 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-15 12:03 Noel Ullreich
2023-06-15 12:03 ` [pve-devel] [PATCH pve-storage v3 1/3] recursively go through subdirs to find files Noel Ullreich
2023-07-14 11:30 ` Fabian Grünbichler
2023-06-15 12:03 ` [pve-devel] [PATCH pve-storage v3 2/3] add `subdir-depth` option to filesystems Noel Ullreich
2023-06-15 12:03 ` [pve-devel] [PATCH pve-storage v3 3/3] update test for recursive subdir search Noel Ullreich
2023-06-15 12:03 ` [pve-devel] [PATCH pve-manager v3]ui: add field to set subdir-depth in web interface Noel Ullreich
2023-07-17 13:07 ` Thomas Lamprecht
2023-06-15 12:56 ` [pve-devel] [PATCH pve-storage/pve-manager v3 0/4] fix #623: show isos/vztmpl/snippets in subdirs Markus Frank
2023-07-03 12:11 ` Noel Ullreich [this message]
2023-07-14 11:40 ` Fabian Grünbichler
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d520e4c5-39d0-1abb-9263-8b6dde9f1c67@proxmox.com \
--to=n.ullreich@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.