@zigo (#200) i attached the patchfile of the additional tests
@bryan (#198) i agree that if there are indeed backing files being used in cinder natively that this will cause issues.
The only way i can think of fixing this would be by having some kind of allowlist of backing files which are ok?
However then a user uploading a qcow2 could still use a backing file, it would just need to match the allowlist. Probably it could then still be used to read snapshots or so of other users.
Alternatively do we have some way of knowing which qcow2 file should have a backing file? in this case we could skip the check just for these.
@zigo (#200) i attached the patchfile of the additional tests
@bryan (#198) i agree that if there are indeed backing files being used in cinder natively that this will cause issues.
The only way i can think of fixing this would be by having some kind of allowlist of backing files which are ok?
However then a user uploading a qcow2 could still use a backing file, it would just need to match the allowlist. Probably it could then still be used to read snapshots or so of other users.
Alternatively do we have some way of knowing which qcow2 file should have a backing file? in this case we could skip the check just for these.