Re: [libvirt] [PATCH 09/14] Avoid unsafe use of /proc/$PID/root in LXC shutdown/reboot code
On 02/07/2014 08:33 AM, Daniel P. Berrange wrote:
From: Eric Blake <eblake(a)redhat.com>
Use helper virProcessRunInMountNamespace in lxcDomainShutdownFlags and
lxcDomainReboot. Otherwise, a malicious guest could use symlinks
to force the host to manipulate the wrong file in the host's namespace.
Idea by Dan Berrange, based on an initial report by Reco
<recoverym4n(a)gmail.com> at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=732394
Signed-off-by: Eric Blake <eblake(a)redhat.com>
---
src/lxc/lxc_driver.c | 38 ++++++++++++++++++++------------------
src/util/virinitctl.c | 26 ++++++++++----------------
src/util/virinitctl.h | 5 ++---
3 files changed, 32 insertions(+), 37 deletions(-)
I guess the fact that you reposted my patch serves as the ACK :)
+++ b/src/util/virinitctl.h
@@ -1,7 +1,7 @@
/*
* virinitctl.h: API for talking to init systems via initctl
*
- * Copyright (C) 2012 Red Hat, Inc.
+ * Copyright (C) 2012-2013 Red Hat, Inc.
Oh my - I wrote it that long ago. We can add 2014 here.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 604 bytes)