render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
Source Code
GIT

Blame SOURCES/libvirt-Fix-perms-for-virConnectDomainXML-To-From-Native.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8-beta-stream-rhel c8-sig-altarch-stream-rhel c8-stream-rhel c8s-sig-hyperscale c8s-stream-rhel c9 c9-beta c9s-sig-hyperscale libvirt-hyperscale-10.4.0 upgrade-hyperscale-libvirt
  1.   6bf70852b1b46fcef2b89fef83fe45a7315e9f27
  2.   SOURCES
  3.   libvirt-Fix-perms-for-virConnectDomainXML-To-From-Native.patch
Blob History Raw
43fe83 
From ae5cbaaba2cf9419004cc9972f18c4ad4e555ba8 Mon Sep 17 00:00:00 2001
43fe83 
Message-Id: <ae5cbaaba2cf9419004cc9972f18c4ad4e555ba8.1382534062.git.jdenemar@redhat.com>
43fe83 
From: "Daniel P. Berrange" <berrange@redhat.com>
43fe83 
Date: Tue, 22 Oct 2013 17:18:07 +0100
43fe83 
Subject: [PATCH] Fix perms for virConnectDomainXML{To, From}Native
43fe83
43fe83 
CVE-2013-4401
43fe83
43fe83 
The virConnectDomainXMLToNative API should require 'connect:write'
43fe83 
not 'connect:read', since it will trigger execution of the QEMU
43fe83 
binaries listed in the XML.
43fe83
43fe83 
Also make virConnectDomainXMLFromNative API require a full
43fe83 
read-write connection and 'connect:write' permission. Although the
43fe83 
current impl doesn't trigger execution of QEMU, we should not
43fe83 
rely on that impl detail from an API permissioning POV.
43fe83
43fe83 
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
43fe83 
(cherry picked from commit 57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c)
43fe83 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
43fe83 
---
43fe83 
 src/libvirt.c                | 4 ++++
43fe83 
 src/remote/remote_protocol.x | 4 ++--
43fe83 
 2 files changed, 6 insertions(+), 2 deletions(-)
43fe83
43fe83 
diff --git a/src/libvirt.c b/src/libvirt.c
43fe83 
index 66e8248..1a6c771 100644
43fe83 
--- a/src/libvirt.c
43fe83 
+++ b/src/libvirt.c
43fe83 
@@ -4606,6 +4606,10 @@ char *virConnectDomainXMLFromNative(virConnectPtr conn,
43fe83 
         virDispatchError(NULL);
43fe83 
         return NULL;
43fe83 
     }
43fe83 
+    if (conn->flags & VIR_CONNECT_RO) {
43fe83 
+        virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
43fe83 
+        goto error;
43fe83 
+    }
43fe83
43fe83 
     virCheckNonNullArgGoto(nativeFormat, error);
43fe83 
     virCheckNonNullArgGoto(nativeConfig, error);
43fe83 
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x
43fe83 
index a8450b1..c7181da 100644
43fe83 
--- a/src/remote/remote_protocol.x
43fe83 
+++ b/src/remote/remote_protocol.x
43fe83 
@@ -3812,13 +3812,13 @@ enum remote_procedure {
43fe83
43fe83 
     /**
43fe83 
      * @generate: both
43fe83 
-     * @acl: connect:read
43fe83 
+     * @acl: connect:write
43fe83 
      */
43fe83 
     REMOTE_PROC_CONNECT_DOMAIN_XML_FROM_NATIVE = 135,
43fe83
43fe83 
     /**
43fe83 
      * @generate: both
43fe83 
-     * @acl: connect:read
43fe83 
+     * @acl: connect:write
43fe83 
      */
43fe83 
     REMOTE_PROC_CONNECT_DOMAIN_XML_TO_NATIVE = 136,
43fe83
43fe83 
--
43fe83 
1.8.4
43fe83

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation