f4242's latest activity
-
Ff4242 replied to the thread What Permissions are needed on the PVE/PBS-Remotes for a Datacenter Manager User?.This become less useful that way. I may opt for that anyway, not sure yet. I know this is still an 1.0 release, it's expected things are not perfect on first release but I hope your mind changes and there is some security upgrade one day because...
-
Ff4242 replied to the thread What Permissions are needed on the PVE/PBS-Remotes for a Datacenter Manager User?.Not necessary. You are right if the administrator credentials are stolen, you are done. 2FA can help here while not perfect But PDM server could be hacked without the use of an administrator credential. The high privilege token could be stolen...
-
Ff4242 replied to the thread What Permissions are needed on the PVE/PBS-Remotes for a Datacenter Manager User?.Best would be the use of both I guess. A low privilege service account for PDM, I understand it would just need readonly access. Plus the privilege token of the administrator that allow the admin to do everything he need. I'm currently...
-
Ff4242 replied to the thread What Permissions are needed on the PVE/PBS-Remotes for a Datacenter Manager User?.Hi, I think there is something wrong with the PDM security model. Instead of using a generic token with full permission on PVE side, PDM should forward the user authentication to PVE (retreive some kind of temporary token with user's...
-
FHello, I have a rule that's removing attachment when it's detected as "dangerous". The rule trigger on "what objects" with various content type filters, archive filters and match filename. When an attachment is removed this log something like...
-
FHello, I'm currently looking to buy new PVE nodes. For networking adapters, is there a better one? Is there one with better linux/pve support? Broadcom 57416 Dual Port 10Gbe Base-T Intel X710-T2L Dual Port 10Gbe Base-T I did find some issues...