|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [qemu-xen-4.0-testing] Disable qemu monitor by default. The qemu monitor is an overly
commit eaa1bd612f50d2f253738ed19e14981e4ede98a5
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date: Thu Sep 6 17:05:30 2012 +0100
Disable qemu monitor by default. The qemu monitor is an overly
powerful feature which must be protected from untrusted (guest)
administrators.
Neither xl nor xend expect qemu to produce this monitor unless it is
explicitly requested.
This is a security problem, XSA-19. Previously it was CVE-2007-0998
in Red Hat but we haven't dealt with it in upstream. We hope to have
a new CVE for it here but we don't have one yet.
Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
(cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
---
vl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/vl.c b/vl.c
index a49bf08..c5b605f 100644
--- a/vl.c
+++ b/vl.c
@@ -4901,7 +4901,7 @@ int main(int argc, char **argv, char **envp)
kernel_cmdline = "";
cyls = heads = secs = 0;
translation = BIOS_ATA_TRANSLATION_AUTO;
- monitor_device = "vc:80Cx24C";
+ monitor_device = "null";
serial_devices[0] = "vc:80Cx24C";
for(i = 1; i < MAX_SERIAL_PORTS; i++)
--
generated by git-patchbot for /home/xen/git/qemu-xen-4.0-testing.git
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |