[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH 5/5] qemu: launch bridge helper from libvirtd


I still don't like using qemu-bridge-helper, but this is better than the
alternative of having qemu call it (although, due to the way that
process capabilities works, we are unable to prevent a rogue qemu
started by unprivileged libvirtd from calling it :-(

Maybe we can introduce a tighter seccomp sandbox environment that doesn't allow the QEMU process to call exec(), open(), socket() (and anything else?) on top of the syscalls that are already not included in the -sandbox whitelist. This would require fd's to be passed from libvirt. Eduardo's going to work on adding functionality in this area in case you have any suggestions.

Corey Bryant

ACK to this patch (I think I would prefer you left the qemuCaps arg in,
but others may disagree with me.)

libvir-list mailing list
libvir-list redhat com

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]