vishesh92 commented on PR #11654: URL: https://github.com/apache/cloudstack/pull/11654#issuecomment-3306288741
> @vishesh92 is it a good idea to add some validations to these userdata configs, to avoid any kind of security risks ? IMO, it would be difficult to do that. Technically the user data could be a script which fetches a binary (malicious) from internet and executes it on the system VM and we won't be able to validate this. But since the global settings are scoped at zone level, only the operators can set the user data. I have also added a new global setting, `systemvm.userdata.enabled`, which is set to `false` by default. Unless this is set to `true`, the other global settings are ignored. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
