Package: vde2
Version: 2.2.1-1
Severity: wishlist
Improve the permission on /var/run/vde2 and /var/run/vde2/*.ctl (or
whatever ctl file is chosen).
First I should indicate that I can see no reason why 2775 (ie. o+rx) is
a bad idea on /var/run/ctl. Any user who can run ps or ifconfig can
guess what's inside. If there is a compelling reason why this is a bad
thing then so be it.
On the other hand, if it remains 2770 then anybody who wishes to connect
a vde port must be in the vde2-net group, which also grants access to
write to the /var/run/vde2 directory and, by extension, connect to the
management port.
The attached patch allows one group (passed to vde_switch) to be given
rights to connect to ports while another (vde2-net) gets authority to
manage the switch itself.
If vde_switch is passed -g vmuser, then the various directories look
like (with one port attached):
drwxrwsr-x 3 vde2-net vde2-net 4096 2008-06-21 20:27 /var/run/vde2
drwxrws--- 2 root vmuser 4096 2008-06-21 20:27
/var/run/vde2/vde_lego_kvm.ctl
srwx------ 1 mking vmuser 0 2008-06-21 20:27
/var/run/vde2/vde_lego_kvm.ctl/002
srw-rw---- 1 root vmuser 0 2008-06-21 20:27
/var/run/vde2/vde_lego_kvm.ctl/ctl
srw-rw---- 1 root vde2-net 0 2008-06-21 20:27
/var/run/vde2/vde_lego_kvm.mgmt
-rw-r--r-- 1 root vde2-net 6 2008-06-21 20:27
/var/run/vde2/vde_lego_kvm.pid
Matthew
diff -ur vde2-2.2.1/debian/network/if-pre-up.d/vde2
vde2-2.2.1-owner/debian/network/if-pre-up.d/vde2
--- vde2-2.2.1/debian/network/if-pre-up.d/vde2 2008-06-21 20:52:48.000000000
+0100
+++ vde2-2.2.1-owner/debian/network/if-pre-up.d/vde2 2008-06-21
19:58:17.000000000 +0100
@@ -21,7 +21,7 @@
if [ ! -d /var/run/vde2 ]; then
mkdir -p /var/run/vde2
chown vde2-net:vde2-net /var/run/vde2
- chmod 2770 /var/run/vde2
+ chmod 2775 /var/run/vde2
fi
# vde2-switch [-|<args>]
diff -ur vde2-2.2.1/debian/postinst vde2-2.2.1-owner/debian/postinst
--- vde2-2.2.1/debian/postinst 2008-06-21 20:52:48.000000000 +0100
+++ vde2-2.2.1-owner/debian/postinst 2008-06-21 20:58:55.000000000 +0100
@@ -13,7 +13,7 @@
if ! dpkg-statoverride --list /var/run/vde2 >/dev/null; then
chown vde2-net:vde2-net /var/run/vde2
- chmod 2770 /var/run/vde2
+ chmod 2775 /var/run/vde2
fi
if [ ! -e /dev/.devfsd ] && [ ! -e /dev/net/tun ]; then
diff -ur vde2-2.2.1/src/vde_switch/datasock.c
vde2-2.2.1-owner/src/vde_switch/datasock.c
--- vde2-2.2.1/src/vde_switch/datasock.c 2008-06-15 17:49:16.000000000
+0100
+++ vde2-2.2.1-owner/src/vde_switch/datasock.c 2008-06-21 20:22:19.000000000
+0100
@@ -418,6 +418,10 @@
printlog(LOG_ERR,"Could not set the VDE ctl directory '%s'
permissions: %s", ctl_socket, strerror(errno));
exit(-1);
}
+ if(chown(ctl_socket,-1,grp_owner) < 0) {
+ printlog(LOG_ERR, "Could not chown the VDE ctl directory '%s':
%s", ctl_socket, strerror(errno));
+ exit(-1);
+ }
sun.sun_family = AF_UNIX;
snprintf(sun.sun_path,sizeof(sun.sun_path),"%s/ctl",ctl_socket);
if(bind(connect_fd, (struct sockaddr *) &sun, sizeof(sun)) < 0){
--
I must take issue with the term "a mere child", for it has been my
invariable experience that the company of a mere child is infinitely
preferable to that of a mere adult.
-- Fran Lebowitz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
