[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Image probing: how it can be insecure, and what we coul
|
From: |
Gerd Hoffmann |
|
Subject: |
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it |
|
Date: |
Wed, 05 Nov 2014 11:12:16 +0100 |
Hi,
> My proposal to ditch image contents probing entirely has more serious
> compatibility issues. In particular, we'd have to forgo sugared
> convenience syntax for a number of less common things. It definitely
> needs a grace period where all usage we're going to break warns. On the
> up side, it will actually be secure by default when it's done.
This makes most sense to me. We can even have a config option to
control this, i.e. something like ...
-guessformat={allow-content,allow-content-with-warning,filename-only,off}
... and over time we'll make things more strict by default.
People can tweak things locally via cfg file in /etc/qemu if they wish.
cheers,
Gerd
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, (continued)
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Max Reitz, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Max Reitz, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Max Reitz, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/10
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Kevin Wolf, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/07
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it,
Gerd Hoffmann <=
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Eric Blake, 2014/11/05
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Kevin Wolf, 2014/11/05
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Kevin Wolf, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/07