ProxmoxVE/tools/addon
MickLesk a3498644fc fix: harden shell scripts against injection and insecure permissions
Security fixes across multiple files:

- install.func: Quote command substitutions in mkdir/systemctl to prevent
  word splitting and globbing on GETTY_OVERRIDE path
- build.func: Escape sed special chars (& \) in current_os/hostname/ip
  before using them as sed replacement strings in update_motd_ip
- build.func: Escape regex metacharacters (. |) in $LANG before sed use
- build.func: Validate render_gid/video_gid as numeric before sed injection
- build.func: Use HTTPS for Alpine APK repositories instead of HTTP
- tools.func: Verify GPG dearmor output is non-empty (-s check)
- tools.func: Tighten GPU device permissions from 666 to 660 (owner+group)
- tools.func: Add chgrp render for /dev/kfd (AMD ROCm)
- shinobi-install.sh: chmod 777 -> 644 on version.json
- tasmoadmin-install.sh: chmod 777 -> 775 on tmp/data directories
- runtipi.sh: chmod 666 -> 660 on settings.json
2026-03-23 21:22:58 +01:00