[Libguestfs] [PATCH libnbd] api: Allow NBD URIs to be restricted.
Richard W.M. Jones
rjones at redhat.com
Sun Oct 20 11:06:23 UTC 2019
Previous discussion:
https://www.redhat.com/archives/libguestfs/2019-August/msg00102.html
Last night I experimentally added support for URIs that contain the
query parameter tls-psk-file, as part of rewriting the tests to cover
more of the URI code. So you can now have a URI like:
nbds://alice@localhost/?tls-psk-file=keys.psk
However there's an obvious security problem here because now any
libnbd program which takes URIs from less trusted sources will open a
local file under the user's control.
So it's time to restrict what can appear in URIs.
I've added three new APIs for this purpose, see generator/generator in
this patch for documentation. The defaults are fairly liberal, except
we do prevent opening local files (except socket) by default.
Rich.
More information about the Libguestfs
mailing list