Re: [libvirt] [PATCH v2 REPOST 2/8] Qemu arbitrary command-line arguments.
On 07/02/2010 07:29 AM, Chris Lalancette wrote:
> Technically, any string that does not contain = can be inserted
as an
> environment name, but then you can't access them from the shell. So
> it's best to restrict environment names to portable names (basically,
> the same set as shell variable names).
Interesting point. Since we are directly invoking qemu with execve, in
theory, qemu could access an environment name that doesn't conform to the
shell's rules. That being said, since many people are invoking qemu through
a shell, I doubt qemu would do something like that.
So what do we think; add the restriction, or no?
I'm in favor of adding the restriction. Otherwise, we are allowing a
backdoor where libvirt can make qemu do something that regular shell
invocation of qemu cannot.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)