[pve-devel] [PATCH container v2] improve mountpoint parsing

[Dietmar Maurer]

> changes from v1:
> renamed function to verify_*
> added check for ../ at the beginning
> cleaned up regex (\.)? -> \.?


Can/should we add further restrictions to the allowed charset?

We currently have format 'pve-volume-id', which use

    if ($volid =~ m/^([a-z][a-z0-9\-\_\.]*[a-z0-9]):(.+)$/i) {

and 'pve-storage-path', which use

   if ($path !~ m|^/[^;\(\)]+|) {

to exclude shell meta characters (both defined in
pve-storage/PVE/Storage/Plugin.pm)

Maybe we should also restrict the path lenght?