On 4/3/19 8:00 AM, Daniel P. Berrangé wrote:
Getting the guest time and hostname both require use of guest agent commands. These must not be allowed for read-only users, so the permissions check must validate "write" permission not "read".
Fixes CVE-2019-3886 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/remote/remote_protocol.x | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x index 74be4b37d0..11f44ee267 100644 --- a/src/remote/remote_protocol.x +++ b/src/remote/remote_protocol.x @@ -5513,7 +5513,7 @@ enum remote_procedure {
/** * @generate: both - * @acl: domain:read + * @acl: domain:write */ REMOTE_PROC_DOMAIN_GET_HOSTNAME = 277,
@@ -5908,7 +5908,7 @@ enum remote_procedure {
/** * @generate: none - * @acl: domain:read + * @acl: domain:write */ REMOTE_PROC_DOMAIN_GET_TIME = 337,
Reviewed-by: Jim Fehlig <jfehlig@suse.com> Regards, Jim