mirror of
https://git.proxmox.com/git/pve-manager
synced 2025-10-10 02:12:15 +00:00
a3fe9c5410
These allow one to indirectly access resources from the POV of the Proxmox VE cluster nodes. While gotify is relatively harmless, smtp could already cause more problems to admins that are not aware of the implications of allowing users to add targets while having some open smtp relay that is only accessible from networks the PVE nodes can access but not the user that can talk with PVE's API. The webhook one is then pretty much free-form and might cause some adverse effects in environments that are only loosely guarded, and while that might point at general security problems, it's likely that admins will still place the blame at our projects. So while the former should not be problematic, the new not yet fully released webhooks could have some impact. That said, it currently requires Mapping.Modify, which is a intermediate powerful level priv, so it's not like any user could use this. Still, hedging for the safer side here seems the better choice for now, we still can open this up if there's user feedback and we deem it safe enough doing so. Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com> |
||
|---|---|---|
| .. | ||
| Ceph | ||
| Cluster | ||
| Hardware | ||
| ACME.pm | ||
| ACMEAccount.pm | ||
| ACMEPlugin.pm | ||
| APT.pm | ||
| Backup.pm | ||
| Capabilities.pm | ||
| Ceph.pm | ||
| Certificates.pm | ||
| Cluster.pm | ||
| HAConfig.pm | ||
| Hardware.pm | ||
| Makefile | ||
| Network.pm | ||
| NodeConfig.pm | ||
| Nodes.pm | ||
| Pool.pm | ||
| Replication.pm | ||
| ReplicationConfig.pm | ||
| Services.pm | ||
| Subscription.pm | ||
| Tasks.pm | ||
| VZDump.pm | ||