Am 24.07.24 um 19:18 schrieb Filip Schauer: > Add the deny_read and deny_write options for device passthrough, to > restrict container access to devices. > > This allows for passing through a device in read-only mode without > giving the container full access it. > > Up until now a container with a device passed through to it was granted > full access to that device without an option to restrict that access as > pointed out by @Fiona. > > Changes since v1: > * set default values for deny_read & deny_write > * remove the deny_read checkbox from the UI, since it is expected to > only have a very niche use case. >
We could also use dashes instead of underscores, i.e. "deny-read"/"deny-write" as we often do for new properties. Still not fully sure we need deny_read in the backend until somebody complains with a sensible use case, but I guess it doesn't hurt if it's already there. In any case: Reviewed-by: Fiona Ebner <f.eb...@proxmox.com> Tested-by: Fiona Ebner <f.eb...@proxmox.com> _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel