mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-22 05:35:25 +00:00
Fix perms for virConnectDomainXML{To,From}Native (CVE-2013-4401)
The virConnectDomainXMLToNative API should require 'connect:write' not 'connect:read', since it will trigger execution of the QEMU binaries listed in the XML. Also make virConnectDomainXMLFromNative API require a full read-write connection and 'connect:write' permission. Although the current impl doesn't trigger execution of QEMU, we should not rely on that impl detail from an API permissioning POV. Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
parent
8d35f9dbad
commit
57687fd6bf
@ -4611,6 +4611,10 @@ char *virConnectDomainXMLFromNative(virConnectPtr conn,
|
||||
virDispatchError(NULL);
|
||||
return NULL;
|
||||
}
|
||||
if (conn->flags & VIR_CONNECT_RO) {
|
||||
virLibDomainError(VIR_ERR_OPERATION_DENIED, __FUNCTION__);
|
||||
goto error;
|
||||
}
|
||||
|
||||
virCheckNonNullArgGoto(nativeFormat, error);
|
||||
virCheckNonNullArgGoto(nativeConfig, error);
|
||||
|
@ -3826,13 +3826,13 @@ enum remote_procedure {
|
||||
|
||||
/**
|
||||
* @generate: both
|
||||
* @acl: connect:read
|
||||
* @acl: connect:write
|
||||
*/
|
||||
REMOTE_PROC_CONNECT_DOMAIN_XML_FROM_NATIVE = 135,
|
||||
|
||||
/**
|
||||
* @generate: both
|
||||
* @acl: connect:read
|
||||
* @acl: connect:write
|
||||
*/
|
||||
REMOTE_PROC_CONNECT_DOMAIN_XML_TO_NATIVE = 136,
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user