[PVE-User] More restrictive disk image permissions
Derek Poon
derekp+pve at ece.ubc.ca
Thu Jun 27 17:46:21 CEST 2013
Proxmox stores KVM virtual disk images in /var/lib/vz/images/*/* with permissions 0644,root,root. It seems to me a security risk for the images to be world readable. In fact, the virtual machines can function just fine with permissions 0600.
Are the default permissions configurable? Why is it not more secure by default? Is there anything wrong with 0600 that I haven't considered?
Derek
More information about the pve-user
mailing list