[pve-devel] [PATCH container/manager 0/2] add deny read/write options for device passthrough
Fiona Ebner
f.ebner at proxmox.com
Wed Jul 24 12:20:06 CEST 2024
Am 29.04.24 um 15:15 schrieb Filip Schauer:
> Add the deny_read and deny_write options for device passthrough, to
> restrict container access to devices.
>
In the UI, it think it's enough to expose a checkbox for read-only. Use
cases that deny reads seem a bit esoteric, so I'm not even sure we
should add deny_read in the back-end before somebody complains. But no
strong opinion there.
> This allows for passing through a device in read-only mode without
> giving the container full access it.
>
> Up until now a container with a device passed through to it was granted
> full access to that device without an option to restrict that access as
> pointed out by @Fiona.
>
More information about the pve-devel
mailing list