From: Jason Baron
Subject: Re: [Qemu-devel] [PATCH 1/3] qtest: Enable creation of multiple qemu instances
Date: Mon, 17 Dec 2012 12:13:59 -0500
User-agent: Mutt/1.5.20 (2009-12-10)

On Sat, Dec 15, 2012 at 09:20:13AM +0000, Blue Swirl wrote:
> On Sat, Dec 15, 2012 at 9:14 AM, Paolo Bonzini <address@hidden> wrote:
> >> > +#define QTEST_FILE_TEMP "/tmp/qtest-%d.sock"
> >> > +#define QTEST_QMP_FILE_TEMP "/tmp/qtest-%d.qmp"
> >> > +#define QTEST_PID_FILE_TEMP "/tmp/qtest-%d.pid"
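
Review bot: all three `#define` templates name fixed paths directly under /tmp that vary only by a single `%d` integer, so another local user can create or symlink the same names before the test does. Consider creating a private directory with mkdtemp() and placing the socket, QMP and pid files inside it, and add a comment saying what the `%d` is filled with.
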
> >>
> >> These filenames are too predictable from a security point of view,
> >
> > This need not be secure as long as the file is created with 0600
> > permissions.  In fact, inspecting the pid file from the shell can
> > be useful.
> 
> Permissions do not help at all because the attacker could for example
> target overwriting of a critical file.
> 
> >
> > However, using mkstemp() on a prefix that includes the parent pid
> > can indeed be the best of both worlds.
> 
> Yes.
> 
> >
> > Paolo
> 

Yes, but mkstemp() creates the file, and bind() returns EADDRINUSE if the file
already exists.

Using mktemp() in this case with bind() should be ok, since bind() checks if
the file exists and then creates it if not, all within the bind() system call
(so it's atomic).

Thanks,

-Jason
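
The bind() behaviour discussed in this message, as an added example that is not part of the original e-mail or of QEMU's code: the first function shows bind() returning EADDRINUSE on a name mkstemp() has already created, and the second binds inside a private mkdtemp() directory, an alternative not proposed in the thread. The `/tmp/qtest-demo-` prefix, the `qtest.sock` name and the function names are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <unistd.h>

/* Bind a new AF_UNIX socket to path; return 0 or the errno bind() set. */
static int bind_unix(const char *path)
{
    struct sockaddr_un addr;
    int err = 0, fd = socket(AF_UNIX, SOCK_STREAM, 0);
    if (fd < 0) return errno;
    memset(&addr, 0, sizeof(addr));
    addr.sun_family = AF_UNIX;
    snprintf(addr.sun_path, sizeof(addr.sun_path), "%s", path);
    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
        err = errno;
    close(fd);
    return err;
}

/* mkstemp() has already created the name, so bind() refuses it. */
int bind_after_mkstemp(void)
{
    char path[] = "/tmp/qtest-demo-XXXXXX";   /* constructed prefix */
    int err, fd = mkstemp(path);
    if (fd < 0) return -1;
    err = bind_unix(path);                    /* EADDRINUSE: name exists */
    close(fd);
    unlink(path);
    return err;
}

/* Assumed alternative: a 0700 mkdtemp() directory holds the socket name. */
int bind_in_private_dir(void)
{
    char dir[] = "/tmp/qtest-demo-XXXXXX";    /* constructed prefix */
    char path[sizeof(dir) + sizeof("/qtest.sock")];
    int err;
    if (mkdtemp(dir) == NULL) return -1;
    snprintf(path, sizeof(path), "%s/qtest.sock", dir);
    err = bind_unix(path);                    /* 0: bind() creates the node */
    unlink(path);
    rmdir(dir);
    return err;
}
```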
