Libvirt provides a portable, long term stable C API for managing the virtualization technologies provided by many operating systems. It includes support for QEMU, KVM, Xen, LXC, bhyve, Virtuozzo, VMware vCenter and ESX, VMware Desktop, Hyper-V, VirtualBox and the POWER Hypervisor.
Go to file
Ján Tomko 470d6f5546 api: disallow virDomainSaveImageGetXMLDesc on read-only connections
The virDomainSaveImageGetXMLDesc API is taking a path parameter,
which can point to any path on the system. This file will then be
read and parsed by libvirtd running with root privileges.

Forbid it on read-only connections.

Fixes: CVE-2019-10161
Reported-by: Matthias Gerstner <mgerstner@suse.de>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit aed6a032ce)
Signed-off-by: Ján Tomko <jtomko@redhat.com>

Conflicts:
  src/libvirt-domain.c
  src/remote/remote_protocol.x

Upstream commit 12a51f372 which introduced the VIR_DOMAIN_SAVE_IMAGE_XML_SECURE
alias for VIR_DOMAIN_XML_SECURE is not backported.
Just skip the commit since we now disallow the whole API on read-only
connections, regardless of the flag.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2019-06-24 10:26:33 +02:00
.gnulib@f39477dba7 maint: update to latest gnulib 2015-06-01 13:23:18 -06:00
build-aux bracket-spacing: Add syntax-check for unnecessary curly brackets 2014-11-14 17:13:36 +01:00
daemon libvirtd: enable virtlockd/virtlogd socket activation on install 2015-12-07 17:32:49 +00:00
docs Release of libvirt-1.3.0 2015-12-09 17:13:48 +08:00
examples apparmor: add missing qemu binaries 2015-11-25 08:35:06 +01:00
gnulib maint: fix date in local gnulib patch 2015-01-05 16:44:10 +00:00
include admin: Rename virAdmConnect to virAdmDaemon 2015-12-01 11:44:48 +01:00
m4 build: accomodate selinux 2.5 header API change 2016-10-03 17:40:53 +02:00
po Release of libvirt-1.3.0 2015-12-09 17:13:48 +08:00
src api: disallow virDomainSaveImageGetXMLDesc on read-only connections 2019-06-24 10:26:33 +02:00
tests build: accomodate selinux 2.5 header API change 2016-10-03 17:40:53 +02:00
tools virsh: remove custom error for cpulist from cmdIOThreadPin 2015-12-03 13:58:52 +01:00
.ctags maint: Make ctags work out of the box 2013-07-18 08:47:21 +02:00
.dir-locals.el build: avoid tabs that failed syntax-check 2012-09-06 09:43:46 -06:00
.gitignore virt-admin: Introduce first working skeleton 2015-11-30 09:44:28 +01:00
.gitmodules make .gnulib a submodule 2009-07-08 16:17:51 +02:00
.mailmap maint: update .mailmap for recent contributions 2015-03-20 06:17:55 -06:00
AUTHORS.in AUTHORS: Add myself to the list of committers 2015-10-08 11:48:26 +02:00
autobuild.sh Disable libvirtd by default when building on Win32 2014-04-29 11:30:32 +01:00
autogen.sh maint: improve usage of autogen's --no-git 2015-02-06 11:35:29 -07:00
bootstrap maint: update to latest gnulib 2015-03-26 09:41:55 -06:00
bootstrap.conf bootstrap: Don't require python-config 2015-08-06 14:35:14 +02:00
cfg.mk maint: fix syntax-check sc_prohibit_int_ijk exclude rule 2016-10-03 17:40:14 +02:00
ChangeLog-old Fix typos in src/* 2014-04-21 16:49:08 -06:00
config-post.h build: fix build of virt-login-shell on systems with older gnutls 2013-10-22 09:41:50 -06:00
configure.ac libvirt: introduce libvirt/libvirt-common.h.in 2015-11-30 09:36:19 +01:00
COPYING maint: follow recommended practice for using LGPL 2013-05-20 14:15:21 -06:00
COPYING.LESSER maint: Remove control characters from LGPL license file 2015-09-25 09:16:24 +02:00
HACKING maint: document use of zanata for translations 2015-06-10 15:26:44 -06:00
libvirt-admin.pc.in Add libvirt-admin library 2015-06-16 13:46:20 +02:00
libvirt-lxc.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt-qemu.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.pc.in Add pkg-config files for libvirt-qemu & libvirt-lxc 2014-06-23 16:17:27 +01:00
libvirt.spec.in Release of libvirt-1.3.0 2015-12-09 17:13:48 +08:00
Makefile.am examples: Add missing build data for 'rename' 2015-09-07 09:00:19 +02:00
Makefile.nonreentrant maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
mingw-libvirt.spec.in parallels: substitute parallels with vz spec file and Makefile 2015-06-17 15:07:55 +03:00
README Correct typos in the documentation (Atsushi SAKAI) 2008-01-24 10:15:13 +00:00
README-hacking docs: update README-hacking 2014-05-06 16:20:24 -06:00
run.in Add PKG_CONFIG_PATH to run.in script. 2014-06-26 14:32:35 +01:00
TODO Update todo list file to point at bugzilla/website 2010-10-13 16:45:26 +01:00

         LibVirt : simple API for virtualization

  Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.

Daniel Veillard <veillard@redhat.com>