
Re: [fedora-virt] libguestfs best practices: Exposing files from the host for the duration of a session



Michael Ansel wrote:
> 1) root (UID=0, everywhere) is the only one installing packages, so
> the UID mapping lines up perfectly every time

libguestfs in general, and host filesystem access in particular, is good for more than just installing packages, though admittedly that's my immediate use case.

> 2) you only need root access on the host once when you are building
> the VM; you don't need NFS after it is already built

Even if there were no use case for access to files off the host other than early installation --

Why is it acceptable for libguestfs to require root access *ever*, when so many alternate transport mechanisms (9p, ccgfs, FTP, qemu's built-in smb, etc.) are available which wouldn't create this constraint?

If I'm building a piece of software invoked by untrusted users in a lab environment, I don't want that software to need, or have any means to access, root. Ever. For anything, at all.


By the way -- I'm tired too (normal wakeup time in ~3.25 hours), so please excuse my tone if it's a bit harsh.

