[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [libvirt] Proposed libguestfs API for implementing libvirt virConnectOpenAuth



On Mon, Oct 15, 2012 at 11:23:04AM -0400, Cole Robinson wrote:
> On 10/15/2012 04:01 AM, Richard W.M. Jones wrote:
> > 
> > From 9eea45e80ad80283f1a89f792bcf0c174818f4a2 Mon Sep 17 00:00:00 2001
> > From: "Richard W.M. Jones" <rjones redhat com>
> > Date: Mon, 15 Oct 2012 09:01:13 +0100
> > Subject: [PATCH] daemon: Make the default PolicyKit policy auth_admin_keep.
> > 
> > ---
> >  daemon/libvirtd.policy.in | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/daemon/libvirtd.policy.in b/daemon/libvirtd.policy.in
> > index 000c17e..df42e5f 100644
> > --- a/daemon/libvirtd.policy.in
> > +++ b/daemon/libvirtd.policy.in
> > @@ -31,8 +31,8 @@ version 2. See COPYING for details.
> >        <defaults>
> >          <!-- Any program can use libvirt in read/write mode if they
> >               provide the root password -->
> > -        <allow_any>auth_admin</allow_any>
> > -        <allow_inactive>auth_admin</allow_inactive>
> > +        <allow_any>@authaction@</allow_any>
> > +        <allow_inactive>@authaction@</allow_inactive>
> >          <allow_active>@authaction@</allow_active>
> >        </defaults>
> >      </action>
> 
> ACK

While this patch does what Rich intends it todo, I'm a little wary of
changing this, since this is a security relevant setting. Looking at
the rules on my F17 box, there is a fair mix of different triples
used by apps. Some have (no, no, auth_admin_keep), some have
(auth_admin, auth_amdin., auth_admin_keep) and others have
(auth_admin_keep, auth_admin_keep, auth_admin_keep). The actions that
give broader / more serious access seem to have a slight bias against
using the _keep variant for any/inactive.

I don't have a good answer here, but I think we should seek guidance
on this before changing our defaults.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]