libvirt/lxc at 1cadeafcaa422844a27ef622e2a7041d0235bcb3 - libvirt - Gitea

External/libvirt

mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-27 05:42:21 +00:00

History

Daniel P. Berrange 1cadeafcaa CVE-2013-6456: Avoid unsafe use of /proc/$PID/root in LXC chardev hostdev hotplug

Rewrite lxcDomainAttachDeviceHostdevMiscLive function
to use the virProcessRunInMountNamespace helper. This avoids
risk of a malicious guest replacing /dev with a absolute
symlink, tricking the driver into changing the host OS
filesystem.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

2014-02-18 12:59:14 +00:00

..

libvirtd_lxc.aug

…

lxc_cgroup.c

blkio: Setting throttle blkio cgroup for domain

2014-01-20 10:52:44 +08:00

lxc_cgroup.h

Auto-detect existing cgroup placement

2013-07-23 22:46:31 +01:00

lxc_conf.c

capabilities: add baselabel per sec driver/virt type to secmodel

2013-10-29 07:06:04 -06:00

lxc_conf.h

maint: Fix messy include of libvirt_internal.h

2014-01-07 10:03:14 +01:00

lxc_container.c

LXC from native: migrate fstab and lxc.mount.entry

2014-02-12 17:52:46 +00:00

lxc_container.h

LXC from native: migrate fstab and lxc.mount.entry

2014-02-12 17:52:46 +00:00

lxc_controller.c

LXC: create monitor socket under selinux context of domain

2014-01-08 11:10:03 +01:00

lxc_domain.c

maint: avoid 'const fooPtr' in domain_conf

2013-10-14 14:34:38 -06:00

lxc_domain.h

Store a virCgroupPtr instance in virLXCDomainObjPrivatePtr

2013-04-15 17:35:31 +01:00

lxc_driver.c

CVE-2013-6456: Avoid unsafe use of /proc/$PID/root in LXC chardev hostdev hotplug

2014-02-18 12:59:14 +00:00

lxc_driver.h

maint: don't use config.h in .h files

2013-06-05 05:53:25 -06:00

lxc_fuse.c

Add missing 'return 0;' in stub lxcStartFuse() method impl.

2013-11-18 16:12:39 +00:00

lxc_fuse.h

Avoid async signal safety problem in glibc's setxid

2013-11-18 15:36:23 +00:00

lxc_hostdev.c

lxc: Make activeUsbHostdevs use locks

2013-07-18 14:16:54 +02:00

lxc_hostdev.h

Rename all USB device functions to have a standard name prefix

2013-02-05 19:22:25 +00:00

lxc_monitor_protocol.x

Fix generation of systemtap probes for RPC protocols

2013-03-14 12:42:22 +00:00

lxc_monitor.c

virLXCMonitorClose: Unlock domain while closing monitor

2013-07-24 17:53:00 +02:00

lxc_monitor.h

Fix generation of systemtap probes for RPC protocols

2013-03-14 12:42:22 +00:00

lxc_native.c

lxc: Don't shadow global symbol "link"

2014-02-14 14:01:45 +01:00

lxc_native.h

LXC driver: started implementing connectDomainXMLFromNative

2014-02-12 17:52:46 +00:00

lxc_process.c

maint: avoid nested use of virConnect{Ref,Close}

2014-01-16 12:25:45 -07:00

lxc_process.h

lxc: switch to virCloseCallbacks API

2013-07-18 14:16:54 +02:00

lxc.conf

…

test_libvirtd_lxc.aug.in

…