|
 |
43fe83 |
From b019d146357887bcf45b85b251f568d54e1bafb1 Mon Sep 17 00:00:00 2001
|
|
|
43fe83 |
Message-Id: <b019d146357887bcf45b85b251f568d54e1bafb1.1383321465.git.jdenemar@redhat.com>
|
|
|
43fe83 |
From: "Daniel P. Berrange" <berrange@redhat.com>
|
|
|
43fe83 |
Date: Wed, 30 Oct 2013 17:01:57 +0000
|
|
|
43fe83 |
Subject: [PATCH] Block all use of libvirt.so in setuid programs
|
|
|
43fe83 |
|
|
|
43fe83 |
For
|
|
|
43fe83 |
|
|
|
43fe83 |
https://bugzilla.redhat.com/show_bug.cgi?id=1015247
|
|
|
43fe83 |
|
|
|
43fe83 |
Avoid people introducing security flaws in their apps by
|
|
|
43fe83 |
forbidding the use of libvirt.so in setuid programs, with
|
|
|
43fe83 |
a check in virInitialize.
|
|
|
43fe83 |
|
|
|
43fe83 |
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
|
|
43fe83 |
(cherry picked from commit 9cd6a57db6ea6762fbf85c59c379a27fa6e7fd2e)
|
|
|
43fe83 |
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
|
|
|
43fe83 |
---
|
|
|
43fe83 |
src/libvirt.c | 8 ++++++++
|
|
|
43fe83 |
1 file changed, 8 insertions(+)
|
|
|
43fe83 |
|
|
|
43fe83 |
diff --git a/src/libvirt.c b/src/libvirt.c
|
|
|
43fe83 |
index 54c90ec..e008368 100644
|
|
|
43fe83 |
--- a/src/libvirt.c
|
|
|
43fe83 |
+++ b/src/libvirt.c
|
|
|
43fe83 |
@@ -409,6 +409,14 @@ virGlobalInit(void)
|
|
|
43fe83 |
virErrorInitialize() < 0)
|
|
|
43fe83 |
goto error;
|
|
|
43fe83 |
|
|
|
43fe83 |
+#ifndef IN_VIRT_LOGIN_SHELL
|
|
|
43fe83 |
+ if (virIsSUID()) {
|
|
|
43fe83 |
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
43fe83 |
+ _("libvirt.so is not safe to use from setuid programs"));
|
|
|
43fe83 |
+ goto error;
|
|
|
43fe83 |
+ }
|
|
|
43fe83 |
+#endif
|
|
|
43fe83 |
+
|
|
|
43fe83 |
#ifdef WITH_GNUTLS_GCRYPT
|
|
|
43fe83 |
/*
|
|
|
43fe83 |
* This sequence of API calls it copied exactly from
|
|
|
43fe83 |
--
|
|
|
43fe83 |
1.8.4.2
|
|
|
43fe83 |
|