After having a good discussion upstream I have to finally nack that for now.
See: https://www.redhat.com/archives/libvir-list/2018-August/msg00957.html
TL;DR: This is too much of a security risk to generally be allowed,
people are welcome to open these paths up as a local override on their
system,
** Merge proposal linked:
https://code.launchpad.net/~libvirt-maintainers/ubuntu/+source/libvirt/+git/libvirt/+merge/353150
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786159
Title:
qemu smb
https://www.redhat.com/archives/libvir-list/2018-August/msg00783.html
https://www.redhat.com/archives/libvir-list/2018-August/msg00784.html
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786159
Title:
FYI: Some of these rules are currently in discussion upstream as I
summarized the proposed changes to be included there.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786159
Title:
qemu smb feature
It isn't my preference, but I guess it is a reasonable trade-off
(indeed, I though you might suggest it :). Better would be if libvirt
supported smb shares and we could add the rule (or a more specific one)
conditionally, but that isn't the case right now.
--
You received this bug notification be
Thanks Jamie as always for your "security pair of eyes"!
The denies are already gone for multiple reasons - so yes.
So I read from you that the dir reads themselve as you outlined above,
but not all of user-temp abstraction is a safe compromise - ok I'lll go
for that.
Yeah qemu-smb functionality
I disagree that blanket access to /tmp should be allowed since it breaks
application isolation (see
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1403648/comments/12).
Perhaps a better compromise would be to change this:
# allow access to charm-specific ceph config and silence spurious
This is part of the git for the next upload, but needs some tests to be good.
I intent to suggest the change upstream later on.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1786159
Title:
qemu smb
We have had other cases that are breaking due to /tmp being Denied - so the
denies to /tmp are taken out on a coming upload already.
The denies were added for bug 1365261 and a few comments in there mentioned
that they inhibit other features like samba (but also more like some
save/restore actio
This is sort of safe because:
- while /tmp could contain anything it is not recommended to put critical data
there anyway
- while it would be hard to predict the PID as part of the string (this is not
exposed through https://libvirt.org/formatdomain.html) so that virt-aa-helper
could generate it
10 matches
Mail list logo
