1. 24 12月, 2015 20 次提交
  2. 13 12月, 2015 1 次提交
    • E
      CVE-2015-5313: storage: don't allow '/' in filesystem volume names · d0357966
      Eric Blake 提交于
      The libvirt file system storage driver determines what file to
      act on by concatenating the pool location with the volume name.
      If a user is able to pick names like "../../../etc/passwd", then
      they can escape the bounds of the pool.  For that matter,
      virStoragePoolListVolumes() doesn't descend into subdirectories,
      so a user really shouldn't use a name with a slash.
      
      Normally, only privileged users can coerce libvirt into creating
      or opening existing files using the virStorageVol APIs; and such
      users already have full privilege to create any domain XML (so it
      is not an escalation of privilege).  But in the case of
      fine-grained ACLs, it is feasible that a user can be granted
      storage_vol:create but not domain:write, and it violates
      assumptions if such a user can abuse libvirt to access files
      outside of the storage pool.
      
      Therefore, prevent all use of volume names that contain "/",
      whether or not such a name is actually attempting to escape the
      pool.
      
      This changes things from:
      
      $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
      Vol ../../../../../../etc/haha created
      $ rm /etc/haha
      
      to:
      
      $ virsh vol-create-as default ../../../../../../etc/haha --capacity 128
      error: Failed to create vol ../../../../../../etc/haha
      error: Requested operation is not valid: volume name '../../../../../../etc/haha' cannot contain '/'
      Signed-off-by: NEric Blake <eblake@redhat.com>
      (cherry picked from commit 034e47c3)
      d0357966
  3. 16 10月, 2015 1 次提交
  4. 07 10月, 2015 2 次提交
    • C
      spec: Fix some warnings with latest rpmbuild · 404e42d3
      Cole Robinson 提交于
      $ rpmbuild -ba libvirt.spec
      warning: Macro expanded in comment on line 5: # If neither fedora nor rhel was defined, try to guess them from %{dist}
      
      warning: Macro %enable_autotools defined but not used within scope
      warning: Macro %client_only defined but not used within scope
      ...
      
      (cherry picked from commit dae1250b)
      404e42d3
    • C
      qemu: Fix dynamic_ownership qemu.conf setting · ee7a6085
      Cole Robinson 提交于
      Commit 307fb904 (Sep 10) added a 'privileged' variable when creating
      the DAC driver:
      
      @@ -153,6 +157,7 @@ virSecurityManagerNewDAC(const char *virtDriver,
                                bool defaultConfined,
                                bool requireConfined,
                                bool dynamicOwnership,
      +                         bool privileged,
                                virSecurityManagerDACChownCallback chownCallback)
      
      But argument order is mixed up at the caller, swapping dynamicOwnership
      and privileged values. This corrects the argument order
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1266628
      (cherry picked from commit 68572de8)
      ee7a6085
  5. 22 9月, 2015 16 次提交