[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-discuss] manipulating raw disk image as non-root user

From: Dale R. Worley
Subject: Re: [Qemu-discuss] manipulating raw disk image as non-root user
Date: Mon, 4 Aug 2014 11:14:04 -0400

Perhaps you could add an entry to /etc/fstab with the 'user' option.
It would allow the mounting of a file with a specific name, looped
back to a specific mount point.  (Assuming you can set up loopback
mounts in /etc/fstab.)  It may be possible to set enough restrictions
in the fstab entry (noexec, nodev, etc.) to prevent this from being a
gigantic security hole.

(The actual safe way would be to write a setuid program that is given
the basic formatting specifications, creates an empty filesystem, and
mounts that.  That way the user can't put anything into the disk image
file beforehand that would compromise security.)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]