From: Corey Bryant
Subject: Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable use as SUID
Date: Mon, 24 Oct 2011 16:20:50 -0400
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.15) Gecko/20110303 Lightning/1.0b2 Thunderbird/3.1.9

On 10/24/2011 03:21 PM, Anthony Liguori wrote:
> On 10/24/2011 02:13 PM, Corey Bryant wrote:
>>> Right, it's not desirable, but isn't that the best we can do without libcap or FS capabilities?
>>
>> I think the best we can do is not let it run in those cases. :) I'd like to see if others in the community have an opinion on this though.
>
> IMHO, it should work as a setuid binary maintaining root privileges. As long as it's a small binary (which it is) and is easy to audit, it should be safe.
>
> Regards,
> Anthony Liguori

Alright, I'll concede on this. I'll run a static analyzer on the code and let it run as root if libcap-ng is not configured.
It would be nice to also cut an audit record, but I'm not seeing a precedent for doing that in QEMU. Any thoughts?
-- Regards, Corey