External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-30 21:47:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
d665003da1
libvirt/daemon
History
Daniel P. Berrange 3e2f27e13b Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-21 14:03:52 +01:00
..
libvirtd-config.c Introduce max_queued_clients 2013-08-05 11:03:01 +02:00
libvirtd-config.h Introduce max_queued_clients 2013-08-05 11:03:01 +02:00
libvirtd.aug Introduce max_queued_clients 2013-08-05 11:03:01 +02:00
libvirtd.c daemon: Remove more hardcoded paths from help output 2013-09-19 09:32:42 +02:00
libvirtd.conf Introduce max_queued_clients 2013-08-05 11:03:01 +02:00
libvirtd.h maint: don't use config.h in .h files 2013-06-05 05:53:25 -06:00
libvirtd.init.in daemon: Remove deprecated HAL from init script dependencies 2012-03-02 16:32:37 +01:00
libvirtd.logrotate.in Add logrotate support for libvirtd.log 2011-03-04 22:43:55 +08:00
libvirtd.lxc.logrotate.in Change logrotate to be per-hypervisor logs 2010-03-10 11:27:02 +01:00
libvirtd.pod.in Properly handle -h / -V for --help/--version aliases in virtlockd/libvirtd 2013-08-13 14:06:01 +01:00
libvirtd.policy.in daemon: Make the default PolicyKit policy auth_admin_keep. 2012-11-01 13:17:26 +00:00
libvirtd.qemu.logrotate.in Change logrotate to be per-hypervisor logs 2010-03-10 11:27:02 +01:00
libvirtd.sasl daemon: Fix command example in libvirtd.sasl 2013-07-09 10:01:55 -04:00
libvirtd.service.in Configuring systemd to restart libvirt on failure 2013-07-31 16:55:27 -06:00
libvirtd.sysconf daemon: Allow overriding NOFILES ulimit for the daemon as well 2012-02-01 16:04:30 +01:00
libvirtd.sysctl init: raise default system aio limits 2011-10-05 14:49:35 -06:00
libvirtd.uml.logrotate.in Change logrotate to be per-hypervisor logs 2010-03-10 11:27:02 +01:00
libvirtd.upstart daemon: Allow overriding NOFILES ulimit for the daemon as well 2012-02-01 16:04:30 +01:00
Makefile.am Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
remote.c daemon: don't free domain if it's null 2013-10-18 07:41:34 +02:00
remote.h Implement the RPC protocol for the libvirt-lxc.la library 2013-01-15 18:16:53 +00:00
stream.c Fix max stream packet size for old clients 2013-09-30 19:01:23 +01:00
stream.h maint: fix up copyright notice inconsistencies 2012-09-20 16:30:55 -06:00
test_libvirtd.aug.in build: fix missing max_queued_clients in augeas test file for libvirtd.conf 2013-08-05 15:09:52 -04:00
THREADS.txt docs: fix usage of 'onto' 2013-04-19 14:31:16 -06:00