-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 James Morris wrote:
On Wed, 14 Jan 2009, Daniel J Walsh wrote:
I think labeling can be done to allow the access to directories, and files. So libvirt could go in an label a file/directory in such a way that the running qemu_t:s0.c10 can read or read/write the file/directory.
Same with the ability to create save images, as long as the labeling is correct. The only problem I see here is the searching of the directory path to the location of the directories. If we want to allow users to store files/directories anywhere, we end up having to allow qemu_t the ability to at least search every directory on the system, and potentially read them. Having the ability to read a directory is sometimes valuable, for a hacker.
I thought the virt-manager etc. tools were moving toward using standardized directories and not allowing users to put VM images just anywhere.
This is more the iso images used to install virt images can be anywhere. So a user copies a iso image to his home directory and then installs the iso using virt-manager. Currently qemu_t would need to read user_home_t to make this work. If virt-manager/libvirt were to relabel the iso file to virt_image_t then qemu_t would be able to read it, iff it could search all of the parent directories. Daniel, has brought up the fact that additional files/directories could be added to the image via virt_manager, He is suggesting that virt-manager/libvirt would label images something like virt_image_t or virt_image_ro_t. With Svirt, these would also need the categories added. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkluVPcACgkQrlYvE4MpobPSSACg6eaZhuA+9teDqVN7ebRQkVV2 LTUAn0vKMh9TdHDvJOuT0iIeT3krHeP/ =Q/VZ -----END PGP SIGNATURE-----