[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images
From: |
Eric Blake |
Subject: |
Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images |
Date: |
Fri, 15 Aug 2014 07:19:30 -0600 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.7.0 |
On 08/15/2014 06:14 AM, Jeff Cody wrote:
>
> And of course, convenience options like -hda spit out the deprecation
> warning - which I think is probably a good thing. Here is what I made
> it say:
>
> fprintf(stderr, "Format autodetection is deprecated and may be "
> "removed in future versions. Image format autodetection "
> "is not reliable; some image formats (e.g. raw) may "
> "masquerade as other image formats. This could lead to "
> "system data loss or leaks.\n");
>
>
> If we think doing this is a good thing, I'll continue modifying the
> qemu-iotests. Otherwise, I'll drop it.
>
I'm in favor of it. The original CVE against qemu (CVE-2008-2004) has
resulted in multiple libvirt CVEs over the years in dealing with
fallout; most recently, there was debate just this year on whether a
libvirt bug dealing with incorrect probing during drive-mirror
situations counted as a CVE (the determination was that because
libvirt's default is to prohibit probing, it did not; a user that
intentionally flips libvirt's configuration to again allow probing has
self-inflicted the vulnerability that I had uncovered).
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, (continued)
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/12
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Levente Kurusa, 2014/08/14
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/14
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Kevin Wolf, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Markus Armbruster, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Markus Armbruster, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Eric Blake, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images,
Eric Blake <=
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Kevin Wolf, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Eric Blake, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Eric Blake, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Jeff Cody, 2014/08/15
- Re: [Qemu-devel] [PATCH 0/3] vpc: support probing of fixed size images, Kevin Wolf, 2014/08/15