From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by lists.proxmox.com (Postfix) with ESMTPS id A23A792CF1 for ; Wed, 14 Sep 2022 16:15:53 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 3CE892D4AD for ; Wed, 14 Sep 2022 16:15:23 +0200 (CEST) Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com [94.136.29.106]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by firstgate.proxmox.com (Proxmox) with ESMTPS for ; Wed, 14 Sep 2022 16:15:22 +0200 (CEST) Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1]) by proxmox-new.maurer-it.com (Proxmox) with ESMTP id 9BB2B44145 for ; Wed, 14 Sep 2022 16:15:22 +0200 (CEST) Message-ID: <8856001e-0872-2032-3d60-2408845ffcda@proxmox.com> Date: Wed, 14 Sep 2022 16:15:21 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2 From: Aaron Lauterer To: Proxmox VE development discussion , Dominik Csapak References: <20220621092012.1776825-1-d.csapak@proxmox.com> <20220621092012.1776825-10-d.csapak@proxmox.com> Content-Language: en-US In-Reply-To: <20220621092012.1776825-10-d.csapak@proxmox.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-SPAM-LEVEL: Spam detection results: 0 AWL 0.762 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment NICE_REPLY_A -1.583 Looks like a legit reply (A) SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record T_SCC_BODY_TEXT_LINE -0.01 - Subject: Re: [pve-devel] [PATCH qemu-server v7 1/1] api: update: check 'admin' tags privileges X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Sep 2022 14:15:53 -0000 Something that crossed my mind: Have you thought about not allowing tags if they match an admin tag, except for the '+'? Depending on what they will be used for in the future, there could be some potential to trick an admin by creating a similar regular tag. Any code relying on admin tags should not have an issue with that, but even though the color in the GUI should be different, one could try to trick an admin to do something they should not, depending on the tags. Visual spoofing with similar looking UTF8 characters should not be much of an issue, due to the regex used. On 6/21/22 11:19, Dominik Csapak wrote: > normal tags require 'VM.Config.Options' on the VM, admin tags require > 'Sys.Modify' on '/' > > a user can set/delete/reorder tags, as long as no admin tags get > added/removed > > Signed-off-by: Dominik Csapak [...]