[PVE-User] More restrictive disk image permissions

Derek Poon derekp+pve at ece.ubc.ca
Thu Jun 27 17:46:21 CEST 2013


Proxmox stores KVM virtual disk images in /var/lib/vz/images/*/* with permissions 0644,root,root.  It seems to me a security risk for the images to be world readable.  In fact, the virtual machines can function just fine with permissions 0600.

Are the default permissions configurable?  Why is it not more secure by default?  Is there anything wrong with 0600 that I haven't considered?

Derek


More information about the pve-user mailing list