[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [qemu-xen-4.0-testing] Disable qemu monitor by default. The qemu monitor is an overly



commit eaa1bd612f50d2f253738ed19e14981e4ede98a5
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date:   Thu Sep 6 17:05:30 2012 +0100

    Disable qemu monitor by default.  The qemu monitor is an overly
    powerful feature which must be protected from untrusted (guest)
    administrators.
    
    Neither xl nor xend expect qemu to produce this monitor unless it is
    explicitly requested.
    
    This is a security problem, XSA-19.  Previously it was CVE-2007-0998
    in Red Hat but we haven't dealt with it in upstream.  We hope to have
    a new CVE for it here but we don't have one yet.
    
    Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
    (cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
---
 vl.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/vl.c b/vl.c
index a49bf08..c5b605f 100644
--- a/vl.c
+++ b/vl.c
@@ -4901,7 +4901,7 @@ int main(int argc, char **argv, char **envp)
     kernel_cmdline = "";
     cyls = heads = secs = 0;
     translation = BIOS_ATA_TRANSLATION_AUTO;
-    monitor_device = "vc:80Cx24C";
+    monitor_device = "null";
 
     serial_devices[0] = "vc:80Cx24C";
     for(i = 1; i < MAX_SERIAL_PORTS; i++)
--
generated by git-patchbot for /home/xen/git/qemu-xen-4.0-testing.git

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.