On 9/23/19 8:52 AM, Peter Krempa wrote:
Commit 7efe930ec3c introduced interlock of snapshots and checkpoints, but the check is executed prior to the snapshot API ACL check. This means that an unauthorized user can see whether a VM exists if it has a checkpoint.
Move the checks to proper places.
Signed-off-by: Peter Krempa <pkrempa@redhat.com> ---
Given that currently checkpoints by themselves are not very useful I doubt that there are users which could hit this. Thus I'm sending it also directly to the public mailing list for faster turnaround.
src/qemu/qemu_driver.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
Reviewed-by: Eric Blake <eblake@redhat.com> -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org