diff --git a/src/libvirt.c b/src/libvirt.c index dd07db69885c2aa2baa6ffef790955fa767c382c..d4d7f717289364999f88fc2b10658e4ea5a172fd 100644 --- a/src/libvirt.c +++ b/src/libvirt.c @@ -409,6 +409,14 @@ virGlobalInit(void) virErrorInitialize() < 0) goto error; +#ifndef IN_VIRT_LOGIN_SHELL + if (virIsSUID()) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("libvirt.so is not safe to use from setuid programs")); + goto error; + } +#endif + #ifdef WITH_GNUTLS_GCRYPT /* * This sequence of API calls it copied exactly from