qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v4][ 5/7] guest agent: add guest agent RPCs/comm

From: Anthony Liguori
Subject: Re: [Qemu-devel] [PATCH v4][ 5/7] guest agent: add guest agent RPCs/commands
Date: Sat, 04 Jun 2011 17:29:41 -0500
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.17) Gecko/20110424 Lightning/1.0b2 Thunderbird/3.1.10 
On 06/04/2011 03:08 PM, Andi Kleen wrote:

Michael Roth<address@hidden>  writes:

+
+int64_t qmp_guest_file_open(const char *filename, const char *mode, Error 
**err)
+{
+    FILE *fh;
+    int fd, ret;
+    int64_t id = -1;
+
+    if (!logging_enabled()) {
+        error_set(err, QERR_QGA_LOGGING_FAILED);
+        goto out;
+    }
+    slog("guest-file-open called, filename: %s, mode: %s", filename, mode);
+    fh = fopen(filename, mode);
+    if (!fh) {
+        error_set(err, QERR_OPEN_FILE_FAILED, filename);
+        goto out;
+    }


Does this really allow a guest to open any host file ?!?
It does the opposite. The host can open files in the guest. Since the host can see the disk image of the guest anyway, it already could do this albeit it in a more convoluted way. 

Regards,

Anthony Liguroi


Have you considered all the security implications of that?

-Andi
reply via email to
[Prev in Thread] Current Thread [Next in Thread]