
Re: [Xen-devel] [PATCH] tools: Restrict configuration of qemu processes

Ian Jackson writes ("Re: [Xen-devel] [PATCH] tools: Restrict configuration of 
qemu processes"):
> Jim Fehlig writes ("[Xen-devel] [PATCH] tools: Restrict configuration of qemu 
> processes"):
> > Commit 6ef823fd added '-nodefaults' to the qemu args created by
> > libxl, which is a good step in restricting qemu's default
> > configuration. This change takes another step by adding
> > -no-user-config, which ignores any user-provided config files in
> > sysconfdir. Together, -nodefaults and -no-user-config allow Xen
> > to avoid unknown and uncontrolled qemu configuration.
> > 
> > Both options are also added to the qemu invocation in the
> > xen-qemu-dom0-disk-backend systemd service file.
> Queued, thanks.  Also listed for backport.

I found this on my backport todo list.  Thinking about it, I have had
second thoughts.

I worry that existing users of stable branches might be relying on the
user config feature (for example by dropping qemu configuration in
~root).  If they are, then applying this would break things for them.

It's not a security problem because in Xen the configuration in
question would have to come from ~root.

So I think, probably, that we should leave this be (i.e., not backport
the patch).  Does anyone want to try to change my mind?

