Block all use of libvirt.so in setuid programs

Avoid people introducing security flaws in their apps by forbidding the use of libvirt.so in setuid programs, with a check in virInitialize. Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit 9cd6a57d)

Block all use of libvirt.so in setuid programs
Avoid people introducing security flaws in their apps by forbidding the use of libvirt.so in setuid programs, with a check in virInitialize. Signed-off-by: N Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit 9cd6a57d)
0c4aec29 · Daniel P. Berrange · 54b33cc9 · 0c4aec29
隐藏空白更改
内联并排

Showing with 8 addition and 0 deletion

src/libvirt.c src/libvirt.c +8 -0

未找到文件。
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -409,6 +409,14 @@ virGlobalInit(void)
        virErrorInitialize() < 0)
        goto error;

+#ifndef IN_VIRT_LOGIN_SHELL
+    if (virIsSUID()) {
+        virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+                       _("libvirt.so is not safe to use from setuid programs"));
+        goto error;
+    }
+#endif
+
 #ifdef WITH_GNUTLS_GCRYPT
    /*
     * This sequence of API calls it copied exactly from