qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] virtio-rng and fd passing


From: Anthony Liguori
Subject: Re: [Qemu-devel] virtio-rng and fd passing
Date: Sun, 03 Mar 2013 15:06:12 -0600
User-agent: Notmuch/0.13.2+93~ged93d79 (http://notmuchmail.org) Emacs/23.3.1 (x86_64-pc-linux-gnu)

Stefan Berger <address@hidden> writes:

> It depends on what one defends against. If a jail-break succeeds and 
> open() is disabled, then that attack surfaces was effectively reduced. 
> It's hard to say whether opening files within libvirt could then allow 
> new exploits.

Well, in the very least, libvirt is doing the open() as root whereas
QEMU does it as an unprivileged user.

Regards,

Anthony Liguori

>
>      Stefan



reply via email to

[Prev in Thread] Current Thread [Next in Thread]