yesBad/pve-storage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

storage add: always extract password from parameters

Browse Source 
as else we write it to /etc/pve/storage.cfg which is readable by
www-data, a not really private group...

Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht
2018-06-29 13:16:10 +02:00
parent 2d4404fc63
commit d7b707626a
1 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
PVE/API2/Storage/Config.pm
View File

@ -133,8 +133,15 @@ __PACKAGE__->register_method ({
# fix me in section config create never need an empty entity.
delete $param->{nodes} if !$param->{nodes};
my $password = extract_param($param, 'password')
if $type eq 'cifs' && $param->{username};
my $password;
# always extract pw, else it gets written to the www-data readable scfg
if (my $tmp_pw = extract_param($param, 'password')) {
if ($type eq 'cifs' && $param->{username}) {
$password = $tmp_pw;
} else {
warn "ignore password parameter\n";
}
}
if ($param->{portal}) {
$param->{portal} = PVE::Storage::resolv_portal($param->{portal});