On 22.06.21 18:52, Stoiko Ivanov wrote: > On Tue, 22 Jun 2021 17:15:08 +0200 > Thomas Lamprecht <[email protected]> wrote: > >> On 22.06.21 17:10, Stoiko Ivanov wrote: >>> I had a patch for untainting the individual values in >>> PVE::Storage::Plugin::volume_size_info but then went with this patch, >> >> I'd rather have that patch, especially for back-porting to stable. > Makes sense - sent the patch for pve-storage > >> I mean, else we can probably just turn of the taint mode completely, what's >> the >> point then. > I'm always a bit (too) cautious when it comes to turning of 'security' > related 'features' (even if mostly doubting that taint-mode fits either of > those 2 categories) - so not sure about disabling it in general > > the taint of the some of the run_command output on the other hand was > introduced as a side-effect with the changes last year afaict, and has
it really wasn't, it gave no guarantees and some callers did not checked for it, some floated up then, if we just blindly untainted anything it just has no benefit to run under taint mode, especially as we want to move over as much as possible to run_command anyway. Rather than just band-aiding it somewhere in the middle with a catch all regex that *completely* defeats the purpose of the concept of tainting, it can be better to either just disable or fix the few places where it's actual wrong with a local decision about how closely we can restrict the untainting, sometimes a match-all is all it can realistically be there, but not always. > caused at least 2 glitches since then... > which is really not much, and the whole "fool me once, ..." should make it easier to spot any remaining one ;-P _______________________________________________ pve-devel mailing list [email protected] https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
