[libvirt] [PATCH 0/3] Fix access controls for virtlockd/virtlogd sockets

Tuesday, 21 May 2019

This series fixes CVE-2019-10132

It is pushed to master as it was reviewed on the security list
ahead of time.

Daniel P. Berrangé (3):
  admin: reject clients unless their UID matches the current UID
  locking: restrict sockets to mode 0600
  logging: restrict sockets to mode 0600

 src/admin/admin_server_dispatch.c     | 22 ++++++++++++++++++++++
 src/locking/virtlockd-admin.socket.in |  1 +
 src/locking/virtlockd.socket.in       |  1 +
 src/logging/virtlogd-admin.socket.in  |  1 +
 src/logging/virtlogd.socket.in        |  1 +
 5 files changed, 26 insertions(+)

-- 
2.21.0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] [PATCH 0/3] Fix access controls for virtlockd/virtlogd sockets