mig5/enroll
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Activity Actions

CHANGELOG updates

Browse source
This commit is contained in:
Miguel Jacq 2026-06-22 12:47:39 +10:00
parent d93de8a8a2
commit bf1c72c542
Signed by: mig5
GPG key ID: 03906B4110AAD3B8
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
CHANGELOG.md
View file

@ -15,6 +15,7 @@
* Perform harvest validation before trying to manifest from it. * Perform harvest validation before trying to manifest from it.
* Stricter validation on FQDN name in multisite mode. * Stricter validation on FQDN name in multisite mode.
* Strict check of `$PATH` when running harvest as root, in case it could lead to execution of unsafe binaries during harvest. Override with `--assume-safe-path` for non-interactive or CI purposes. * Strict check of `$PATH` when running harvest as root, in case it could lead to execution of unsafe binaries during harvest. Override with `--assume-safe-path` for non-interactive or CI purposes.
* Stricter validation of the destination dirs that harvest or manifest write to, to prevent writing to a different user-controlled area. Stricter permissions on the output dirs too.
# 0.6.0 # 0.6.0