[libvirt] Re: SELinux SVirt/Qemu problems with current qemu design.
On Thu, Jan 15, 2009 at 07:32:25AM +1100, James Morris wrote:
On Wed, 14 Jan 2009, Daniel J Walsh wrote:
> I think labeling can be done to allow the access to directories, and
> files. So libvirt could go in an label a file/directory in such a way
> that the running qemu_t:s0.c10 can read or read/write the file/directory.
>
> Same with the ability to create save images, as long as the labeling is
> correct. The only problem I see here is the searching of the directory
> path to the location of the directories. If we want to allow users to
> store files/directories anywhere, we end up having to allow qemu_t the
> ability to at least search every directory on the system, and
> potentially read them. Having the ability to read a directory is
> sometimes valuable, for a hacker.
I thought the virt-manager etc. tools were moving toward using
standardized directories and not allowing users to put VM images
just anywhere.
Yes, in the next release we intend to remove the generic file browser
dialog, and do all file picking via the managed storage pool APIs in
libvirt. This means we know exactly what directories are expected to
hold disk / iso images and can ensure they are labelled suitably
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|