qemu: Do not allow others into per-VM subdirectories

Signed-off-by: N Martin Kletzander <mkletzan@redhat.com>

qemu: Do not allow others into per-VM subdirectories
Signed-off-by: N Martin Kletzander <mkletzan@redhat.com>
192a1394 · Martin Kletzander · 64c6695f · 192a1394
显示空白变更内容
内联并排

Showing with 2 addition and 2 deletion

src/qemu/qemu_process.c src/qemu/qemu_process.c +2 -2

未找到文件。
--- a/src/qemu/qemu_process.c
+++ b/src/qemu/qemu_process.c
@@ -4734,7 +4734,7 @@ int qemuProcessStart(virConnectPtr conn,
    if (virAsprintf(&tmppath, "%s/domain-%s", cfg->libDir, vm->def->name) < 0)
        goto cleanup;
-    if (virFileMakePath(tmppath) < 0) {
+    if (virFileMakePathWithMode(tmppath, 0750) < 0) {
        virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
        goto cleanup;
    }
@@ -4749,7 +4749,7 @@ int qemuProcessStart(virConnectPtr conn,
                    cfg->channelTargetDir, vm->def->name) < 0)
        goto cleanup;
-    if (virFileMakePath(tmppath) < 0) {
+    if (virFileMakePathWithMode(tmppath, 0750) < 0) {
        virReportSystemError(errno, _("Cannot create directory '%s'"), tmppath);
        goto cleanup;
    }