git.proxmox.com Git - pve-access-control.git/commit

]> git.proxmox.com Git - pve-access-control.git/commit - src/PVE/AccessControl.pm

projects / pve-access-control.git / commit

author	Fabian Grünbichler <f.gruenbichler@proxmox.com>
	Mon, 20 Jun 2022 11:05:12 +0000 (13:05 +0200)
committer	Thomas Lamprecht <t.lamprecht@proxmox.com>
	Mon, 20 Jun 2022 13:47:03 +0000 (15:47 +0200)
commit	37d3c16b25644f953647b512d9d231c866fa94e0
tree	254afe25f19814a1db1d5392266e87abdb42e88a	tree
parent	59164ff16b32b8ad67727642ff16975a8168dcce	commit \| diff

perm check: forbid undefined/empty ACL path

to detect similar issues to that fixed in the previous commit early on
and without the potential for dangerous side-effects.

root@pam is intentionally still allowed before the check in case such
situations can be triggered by misconfiguration - root@pam can then
still clean up the affected configs via the GUI/API, and not just via
manual editing.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

src/PVE/API2/AccessControl.pm		diff \| blob \| blame \| history
src/PVE/AccessControl.pm		diff \| blob \| blame \| history
src/PVE/RPCEnvironment.pm		diff \| blob \| blame \| history

Access control framework

RSS Atom