|
From: | Philip Boulain |
Subject: | Re: [Qemu-devel] [PATCH 4/4][RFC] Add logic to QEMU to read command line options from qcow2 images |
Date: | Sat, 11 Aug 2007 19:06:08 +0100 |
User-agent: | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 |
andrzej zaborowski wrote:
Yes, the file format starting with "#! /path/to/qemu" is a much better idea...
That should probably be "#!/usr/bin/env qemu", or something similar, if the intent is that "self-executing" image files are mostly zero-effort portable across (UNIX-y) host environments.
Anthony Liguori wrote:
The disk image is directly executable and it makes it very clear to the user that they have to trust the disk image.
Only if qemu only read the embedded arguments in the case where it was executed as a script interpreter for the image, and/or only if the image's execute bit is set. In other words, this should prevent embedded arguments from being used:
$ chmod -x dubious-image.qcow2 $ qemu -hda dubious-image.qcow2This also doesn't apply outside of UNIX-like environments, e.g. Windows; if someone had told Explorer to launch image files as "qemu.exe -hda (image)" (which is as close to shebanging a data file as you can really get), this could really be a nasty surprise.
LionsPhil
[Prev in Thread] | Current Thread | [Next in Thread] |