qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing opti


From: Markus Armbruster
Subject: Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment
Date: Tue, 09 Jul 2019 07:53:15 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux)

Daniel P. Berrangé <address@hidden> writes:

> On Mon, Jul 08, 2019 at 12:27:12PM +0200, Philippe Mathieu-Daudé wrote:
[...]
>> Anyway, to stop bikeshedding this thread, can you add few lines about
>> why not use getenv() in the HACKING?
>
> I don't actually think the getenv thing is a security issue in any case.
> If there was a security problem exploitable via getenv, then the bug would
> lie in the application invoking QEMU for not ensuring the ENV contents
> were safe before exec'ing QEMU.

Correct.

>                                 Libvirt is paranoid by default and scrubs
> QEMU's env only keeping a specific sanitized whitelist for exactly these
> reasons.

Must have for running programs with different privileges.

Corrollary: a program that does not use getenv() at all is slightly
harder to misuse with different privileges.  Irrelevant in practice,
because libraries use getenv(), starting with ld.so.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]