Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L

From:	Peter Maydell
Subject:	Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails.
Date:	Sun, 21 Oct 2012 10:52:04 +0100

On 21 October 2012 08:26, Michael Tokarev <address@hidden> wrote:
> On 20.10.2012 00:43, Jason Baron wrote:
>> +char *qemu_find_file(int type, const char *name)
>> +{
>> +    char *filename;
>> +
>> +    /* Try the name as a straight path first */
>> +    if (access(name, R_OK) == 0) {
>> +        return g_strdup(name);
>> +    }
>
> FWIW, this can be a security issue, when a more privileged
> user tries to run qemu from trusted path (/usr/bin) in a
> directory owned by non-privileged user, to utilize -runas
> or somesuch.  I understand it's been this way since the
> beginning.
>
> Maybe we can do a bit better here, like (windows systems
> aside) this:
>
>     if (strchr(name, '/') && access(name, R_OK) == 0) {...}

We used to do that, but it was removed in commit 3178320
because it's inconsistent with how we handle other file
access (like -kernel). The documentation says -bios takes
a filename, so it should just take a filename, with no
weird undocumented restrictions.

If you want qemu not to read files from the current
working directory by default the right fix for that is
probably to make those defaults be "foo.bin in the bios path",
not unqualified "foo.bin".

-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH v3 13/26] ich9: Add the lpc chip, (continued)
- [Qemu-devel] [PATCH v3 18/26] q35: Suppress SMM BIOS initialization under KVM, Jason Baron, 2012/10/19
- [Qemu-devel] [PATCH v3 16/26] ich9: Add i82801b11 dmi-to-pci bridge, Jason Baron, 2012/10/19
  - Re: [Qemu-devel] [PATCH v3 16/26] ich9: Add i82801b11 dmi-to-pci bridge, Michael S. Tsirkin, 2012/10/22
- [Qemu-devel] [PATCH v3 14/26] ich9: Add smbus, Jason Baron, 2012/10/19
  - Re: [Qemu-devel] [PATCH v3 14/26] ich9: Add smbus, Michael S. Tsirkin, 2012/10/22
- [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails., Jason Baron, 2012/10/19
  - Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails., Michael Tokarev, 2012/10/21
    - Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails., Peter Maydell <=
- [Qemu-devel] [PATCH v3 23/26] q35: automatically load the q35 dsdt table, Jason Baron, 2012/10/19
- [Qemu-devel] [PATCH v3 25/26] q35: fill in usb pci slots with -usb, Jason Baron, 2012/10/19
  - Re: [Qemu-devel] [PATCH v3 25/26] q35: fill in usb pci slots with -usb, Gerd Hoffmann, 2012/10/22
  - Re: [Qemu-devel] [PATCH v3 25/26] q35: fill in usb pci slots with -usb, Paolo Bonzini, 2012/10/24
- [Qemu-devel] [PATCH v3 15/26] q35: Introduce q35 pc based chipset emulator, Jason Baron, 2012/10/19
- [Qemu-devel] [PATCH v3 21/26] q35: Add kvmclock support, Jason Baron, 2012/10/19
- [Qemu-devel] [PATCH v3 26/26] ich9: add support pci assignment, Jason Baron, 2012/10/19
- [Qemu-devel] [PATCH v3 20/26] q35: smbus: Remove PCI_STATUS_SIG_SYSTEM_ERROR and PCI_STATUS_DETECTED_PARITY from w1cmask, Jason Baron, 2012/10/19
  - Re: [Qemu-devel] [PATCH v3 20/26] q35: smbus: Remove PCI_STATUS_SIG_SYSTEM_ERROR and PCI_STATUS_DETECTED_PARITY from w1cmask, Michael S. Tsirkin, 2012/10/21
- [Qemu-devel] [PATCH v3 17/26] Add i21154 bridge chip., Jason Baron, 2012/10/19

Prev by Date: Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails.
Next by Date: Re: [Qemu-devel] [PATCH v3 20/26] q35: smbus: Remove PCI_STATUS_SIG_SYSTEM_ERROR and PCI_STATUS_DETECTED_PARITY from w1cmask
Previous by thread: Re: [Qemu-devel] [PATCH v3 22/26] Add a fallback bios file search, if -L fails.
Next by thread: [Qemu-devel] [PATCH v3 23/26] q35: automatically load the q35 dsdt table
Index(es):
- Date
- Thread