Add the deny_read and deny_write options for device passthrough, to restrict container access to devices.
This allows for passing through a device in read-only mode without giving the container full access it. Up until now a container with a device passed through to it was granted full access to that device without an option to restrict that access as pointed out by @Fiona. pve-container: Filip Schauer (1): add deny read/write options for device passthrough src/PVE/LXC.pm | 13 ++++++++++++- src/PVE/LXC/Config.pm | 10 ++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) pve-manager: Filip Schauer (1): ui: lxc: add deny read/write options for device passthrough www/manager6/lxc/DeviceEdit.js | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) Summary over all repositories: 3 files changed, 38 insertions(+), 1 deletions(-) -- Generated by git-murpp 0.6.0 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
