[pve-devel] Arbitrary file reading via malicious VM config
Thomas Lamprecht
t.lamprecht at proxmox.com
Wed Nov 27 09:15:15 CET 2024
Am 27.11.24 um 09:09 schrieb Thomas Lamprecht:
> The core assumption is that the admin doing the import fully controls both sides,
> VMWare ESXi and Proxmox VE.
> As otherwise this feature makes no sense, if the ESXi isn't trusted, it can do all
> sorts of bad things that just cannot be protected against, like e.g., inject some
> rootkits into the VM data stream at any time. And yes, it might also leak some
> data from the PVE host.
btw. what I forgot: This is not really special to the ESXi "storage" that can be
used for import, but any storage attached through network in general.
There is no definitive way to check all potential problems in a race-free way.
But stating that core assumptions one more time explicitly definitively won't
hurt for our docs.
More information about the pve-devel
mailing list