qemu-devel

Re: [PATCH 23/24] vhost-user-fs: Implement drop CAP_FSETID functionality


From: Stefan Hajnoczi
Subject: Re: [PATCH 23/24] vhost-user-fs: Implement drop CAP_FSETID functionality
Date: Mon, 15 Feb 2021 15:57:11 +0000

On Thu, Feb 11, 2021 at 09:40:31AM -0500, Vivek Goyal wrote:
> On Thu, Feb 11, 2021 at 02:35:42PM +0000, Stefan Hajnoczi wrote:
> > On Tue, Feb 09, 2021 at 07:02:23PM +0000, Dr. David Alan Gilbert (git) wrote:
> > > From: Vivek Goyal <vgoyal@redhat.com>
> > > 
> > > As part of slave_io message, slave can ask to do I/O on an fd. Additionally
> > > slave can ask for dropping CAP_FSETID (if master has it) before doing I/O.
> > > Implement functionality to drop CAP_FSETID and gain it back after the
> > > operation.
> > > 
> > > This also creates a dependency on libcap-ng.
> > 
> > Is this patch only for the case where QEMU is running as root?
> > 
> 
> Yes, it primarily is for the case where qemu is running as root, or
> somebody managed to launch it non-root but still having capability
> CAP_FSETID.

Running QEMU as root is not encouraged because the security model is
designed around the principle of least privilege (only give QEMU access
to resources that belong to the guest).

What happens in the case where QEMU is not root? Does that mean QEMU
will drop suid/guid bits even if the FUSE client wanted them to be
preserved?

Stefan
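
The drop-and-regain pattern the quoted commit message describes, as an added example that is not code from the patch or from QEMU: it clears CAP_FSETID from the calling thread's effective set only, so the permitted set can raise it again after the I/O. It uses the raw capget/capset syscalls instead of libcap-ng, and the function names are hypothetical.

```c
#define _GNU_SOURCE
#include <linux/capability.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Read (set=0) or write (set=1) the calling thread's capability sets. */
static int caps_rw(int set, struct __user_cap_data_struct d[2])
{
    struct __user_cap_header_struct h = {
        .version = _LINUX_CAPABILITY_VERSION_3,
        .pid = 0,                       /* 0 = calling thread */
    };
    return (int)syscall(set ? SYS_capset : SYS_capget, &h, d);
}

/* 1 if CAP_FSETID is effective, 0 if not, -1 on error. */
int fsetid_effective(void)
{
    struct __user_cap_data_struct d[2];
    if (caps_rw(0, d) < 0)
        return -1;
    return (int)((d[0].effective >> CAP_FSETID) & 1);
}

/* Clear or raise CAP_FSETID in the effective set; permitted is untouched. */
static int fsetid_set(int on)
{
    struct __user_cap_data_struct d[2];
    if (caps_rw(0, d) < 0)
        return -1;
    if (on)
        d[0].effective |= 1u << CAP_FSETID;
    else
        d[0].effective &= ~(1u << CAP_FSETID);
    return caps_rw(1, d);
}

/* Drop before the write; *had records whether there was anything to drop. */
int fsetid_drop(int *had)
{
    *had = fsetid_effective();
    return *had == 1 ? fsetid_set(0) : *had;
}

/* Regain afterwards, but only if the thread held it to begin with. */
int fsetid_restore(int had)
{
    return had == 1 ? fsetid_set(1) : 0;
}

int main(void)
{
    int had;
    if (fsetid_drop(&had) < 0)
        return 1;
    /* A write() issued here runs without CAP_FSETID, so the kernel
     * strips setuid/setgid bits from the target file. */
    printf("held=%d, effective during I/O=%d\n", had, fsetid_effective());
    return fsetid_restore(had) < 0;
}
```

Capabilities are per-thread on Linux, so the drop covers only the thread that performs the write. A process that never held CAP_FSETID reports `held=0` and has nothing to drop or regain.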
