From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pve-devel-bounces@lists.proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
	by lore.proxmox.com (Postfix) with ESMTPS id A9B6D1FF187
	for <inbox@lore.proxmox.com>; Wed,  7 May 2025 11:15:31 +0200 (CEST)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
	by firstgate.proxmox.com (Proxmox) with ESMTP id 75419375EA;
	Wed,  7 May 2025 11:15:47 +0200 (CEST)
Date: Wed, 07 May 2025 11:15:41 +0200
From: Fabian =?iso-8859-1?q?Gr=FCnbichler?= <f.gruenbichler@proxmox.com>
To: Daniel Kral <d.kral@proxmox.com>, Proxmox VE development discussion
 <pve-devel@lists.proxmox.com>
References: <20250217121918.117810-1-d.kral@proxmox.com>
 <20250217121918.117810-4-d.kral@proxmox.com>
 <0c5bea7b-7e6b-4818-a40f-838c329b964e@proxmox.com>
In-Reply-To: <0c5bea7b-7e6b-4818-a40f-838c329b964e@proxmox.com>
MIME-Version: 1.0
User-Agent: astroid/0.16.0 (https://github.com/astroidmail/astroid)
Message-Id: <1746609148.q1r00y12mt.astroid@yuna.none>
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.046 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 DMARC_MISSING             0.1 Missing DMARC policy
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
Subject: Re: [pve-devel] [RFC manager 3/3] fix #6094: api: acme: allow to
 get plugin info with Sys.Audit on /
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
Reply-To: Proxmox VE development discussion <pve-devel@lists.proxmox.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: pve-devel-bounces@lists.proxmox.com
Sender: "pve-devel" <pve-devel-bounces@lists.proxmox.com>

On May 6, 2025 3:52 pm, Fiona Ebner wrote:
> Am 17.02.25 um 13:19 schrieb Daniel Kral:
>> Relax the required permissions to query the list of ACME plugins and
>> their configurations. Both API endpoints do only read the ACME plugins
>> configuration file but does not modify any system state.
> 
> Can't there be secrets in there that should not leak? I.e. the plugin
> config file is in /etc/pve/priv, so I'm not sure this should be relaxed.
> Even if it doesn't modify the state, it might be too sensitive for
> Sys.Audit.

we could maybe do what we do in other index API calls, and restrict the
returned information in case Sys.Modify is missing? this would basically
entail stripping the 'data' option for DNS plugins (which might contain
credentials), everything else should not be sensitive AFAICT..

OTOH, I am not sure there's much benefit to it either ;)

the ACME API parts which are still root only are probably more
interesting cleanup targets!


_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel