|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass
On 8/5/08 18:12, "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote: >> Should we break all old installations by requiring everyone to specify >> a format ? Or should we break only some old installations by >> retaining the current syntax to mean one thing or the other ? Perhaps >> we should attempt to guess according to the _filename_, which is >> controlled by the host and thus safe. Do users typically choose >> filenames for cow images which are enough of a giveaway ? > > Well, tap:XXX: style URLS already encode the format explicitly. So if > we made QEMU understand that syntax too, then that gives admins the > option to be secure, while keeping file: fas a legacy (unsecure) mode > for compatability. This has the added advantage that it'd be the same > syntax used for PV-on-HVM drivers, and avoids nasty guessing based on > filename. Yes, I think we should keep the existing syntax's existing semantics. Just as qemu/kvm have done. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |