PegaProx Beta 0.9.13.2 — a security-audit hardening pass plus a batch of fixes and UI polish on top of 0.9.13.1.
🔒 Security (audit response)
A third-party security audit flagged a set of authorization gaps. These were reviewed by hand and closed:
- API-token object-level scoping — object-level checks (`user_can_access_vm` & co.) now honour a token's scoped role, floored to the owner's current role, instead of the owner's stored role. An admin-owned, viewer/user-scoped token can no longer bypass per-VM/per-cluster checks.
- Closed object-level access gaps — cluster-access gate on PBS backup restore; per-VM authorization on the VMware console-ticket endpoint; cluster-access checks on the VMware → Proxmox migration routes (and no more leaking other tenants' nodes/storage in the plan); per-VM `vm.snapshot` checks on snapshot-policy create/update/run (legacy policies keep running unfiltered).
- Multi-tenant isolation + role hierarchy in user & role administration — a tenant-scoped admin is confined to their own tenant, and nobody can create or assign a role above their own.
- Per-action permissions on scheduled actions — scheduling a stop/reboot/snapshot now requires the matching permission, not just `vm.start`.
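The two rules above are easy to get wrong, so here is a small illustration of both: the effective role of an API token is the token's scoped role floored to the owner's *current* role (not the stored one), and a scheduled action has to carry the permission that matches the action rather than a blanket `vm.start`. This is example code added to these notes, not PegaProx's own implementation; the role ladder, the `vm.stop`/`vm.reboot` permission names, the sample users and tokens, and the function names are all assumptions made for the demonstration.

```python
"""Effective-role flooring for scoped API tokens and per-action permission
checks for scheduled actions. Example code, not PegaProx's implementation;
the role ladder, permission names other than vm.start/vm.snapshot, the
sample data and the function names are assumptions for this illustration."""

# Assumed role ladder, lowest privilege first.
ROLE_RANK = {"viewer": 0, "user": 1, "admin": 2}

# Assumed permissions per role. vm.start and vm.snapshot appear in the release
# notes; vm.stop and vm.reboot are placeholder names for "the matching permission".
ROLE_PERMS = {
    "viewer": set(),
    "user": {"vm.start"},
    "admin": {"vm.start", "vm.stop", "vm.reboot", "vm.snapshot"},
}

# Constructed sample users: stored_role is what was recorded when the token was
# issued, current_role is what user administration says now.
USERS = {
    "alice": {"stored_role": "admin", "current_role": "admin"},
    "bob":   {"stored_role": "admin", "current_role": "user"},  # demoted after issuing a token
}

# Constructed sample tokens: the owner plus the role the token was scoped to.
TOKENS = {
    "tok-alice-viewer": {"owner": "alice", "scoped_role": "viewer"},
    "tok-alice-admin":  {"owner": "alice", "scoped_role": "admin"},
    "tok-bob-admin":    {"owner": "bob",   "scoped_role": "admin"},
}


def effective_role_before(token_id):
    """Pre-fix behaviour: object-level checks used the owner's stored role and
    ignored the token's scope, so an admin-owned viewer token acted as admin."""
    owner = USERS[TOKENS[token_id]["owner"]]
    return owner["stored_role"]


def effective_role(token_id):
    """Fixed behaviour: the lower of the token's scoped role and the owner's
    current role, so neither a wide scope nor a stale stored role can raise it."""
    token = TOKENS[token_id]
    owner = USERS[token["owner"]]
    return min((token["scoped_role"], owner["current_role"]), key=ROLE_RANK.__getitem__)


def token_has_permission(token_id, perm):
    """Object-level permission check against the token's effective role."""
    return perm in ROLE_PERMS[effective_role(token_id)]


# Which permission each scheduled action must carry (assumed mapping).
SCHEDULED_ACTION_PERM = {
    "start": "vm.start",
    "stop": "vm.stop",
    "reboot": "vm.reboot",
    "snapshot": "vm.snapshot",
}


def can_schedule_before(token_id, action):
    """Pre-fix behaviour: any scheduled action only needed vm.start."""
    return action in SCHEDULED_ACTION_PERM and token_has_permission(token_id, "vm.start")


def can_schedule(token_id, action):
    """Fixed behaviour: the permission matching the action, unknown actions denied."""
    perm = SCHEDULED_ACTION_PERM.get(action)
    return perm is not None and token_has_permission(token_id, perm)


if __name__ == "__main__":
    for tok in TOKENS:
        print(tok, "before:", effective_role_before(tok), "after:", effective_role(tok))
    print("bob schedules stop, before:", can_schedule_before("tok-bob-admin", "stop"),
          "after:", can_schedule("tok-bob-admin", "stop"))
```

Flooring to the owner's *current* role matters independently of the scope fix: a token issued while the owner was an admin must not keep admin reach after the owner is demoted, which is what `tok-bob-admin` shows.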
🛠️ Fixes
- ESXi migration (vmkfstools clone): handles VMDK/folder names with spaces, and disks spread across multiple datastores (#561).
- Cross-cluster replication: "keep replica" now actually skips teardown on delete (#564); a job can be deleted when its cluster is gone (#563).
- Resource-pool visibility no longer pins an empty/errored membership build for the full TTL (#555).
- Load balancing won't migrate a VM to a node that can't fit its RAM.
- LXC detail shows OS type + IP (#560); QEMU guest-agent status no longer flickers.
- Language selector moved to user prefs + CSV export of cluster subscriptions, with a formula-injection guard (#558).
- `update.sh` aborts and restores on a partial fallback download (#168).
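For the formula-injection guard on the subscriptions CSV export, here is what such a guard typically looks like: any cell that starts with a character a spreadsheet would interpret as the beginning of a formula (`=`, `+`, `-`, `@`, tab, carriage return) is prefixed with a single quote so it is rendered as literal text. This is example code added here, not PegaProx's export routine; the column layout, the sample rows and the function names are constructed for the illustration.

```python
"""CSV export with a formula-injection guard. Example code, not PegaProx's own
export; the columns, sample rows and function names are assumptions."""
import csv
import io

# Leading characters that make common spreadsheet applications evaluate a cell.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def neutralise_cell(value):
    """Prefix a string cell that would be parsed as a formula with a single quote,
    so it is displayed as text. Non-string values (e.g. numbers) pass through."""
    if isinstance(value, str) and value.startswith(FORMULA_TRIGGERS):
        return "'" + value
    return value


def export_subscriptions_csv(rows):
    """Serialise rows to CSV text, passing every cell through the guard."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_MINIMAL, lineterminator="\n")
    writer.writerow(["cluster", "subscription_key", "status", "note"])
    for row in rows:
        writer.writerow([neutralise_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample rows. The "note" column stands in for any user-editable
# field; two rows carry values that would otherwise be read as formulas.
SAMPLE_ROWS = [
    ("pve-a", "pve1c-0000000000", "active", "production"),
    ("pve-b", "pve1c-1111111111", "expired", "=2+2"),
    ("pve-c", "pve1c-2222222222", "active", "-5 nodes"),
]


if __name__ == "__main__":
    print(export_subscriptions_csv(SAMPLE_ROWS), end="")
```

The guard deliberately treats a leading `-` as suspicious even though it also catches harmless text like "-5 nodes"; keeping real numbers as numeric types rather than strings avoids that false positive, and `csv.writer` still handles quoting of commas and embedded quotes as before.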
🎨 UI
- Corporate layout visual refresh — rounded cards, KPI accent chips, pill capacity bars, status dots, consistent density; Reports sub-nav aligned with the other sections.
- VNC screenshot preview in the corporate Console tile (uses `qm screendump`, no console-open task spam).
❤️ Sponsors
PegaProx lives entirely from sponsorships and donations. Huge thanks to our sponsors — and especially our 💎 Platinum partners:
Want to support PegaProx? Become a sponsor. Every euro keeps the lights on. 💛