
Re: [virt-tools-list] [virt-viewer][PATCH 0/6] Create actions menu



Hi,

On 01/19/2013 11:09 PM, Doug Goldstein wrote:

<snip>

4) Forced shutdown

As a desktop user I want to be able to forcefully turn off the running
virtual machine. This is important in cases where the virtual machine is
not responding anymore, e.g. BSOD.


I think having the above 4 makes sense, esp. since 1-3 are things which
can be triggered from inside the guest using guest specific menus too, so
we're just adding a more convenient way to do this, not adding new options.


But everything below to me clearly belongs in the realm of a management
tool, not virt-viewer.


I'll agree with you for users that would have sudo/root privileges
inside of the guest, but users that have access limited accounts
inside the guest this would very clearly open up more access than they
have in the guest

For most distros that is not true, connecting to a vm
over vnc / spice gets seen by the vm as being physically present
behind the console (which makes sense since the user is using
a virtual ps/2 keyboard + vga-card, not an ssh session). And on
most distros the shutdown button in the desktop-manager (ie gdm /
lightdm) and inside the menu of a logged-in X session will work
just fine to shut down / reboot the machine.

and would need to be correctly managed via ACLs,
which is something that hasn't landed in libvirt yet.

This is an unrelated, dare I say completely orthogonal, problem.
A user with the necessary credentials to connect to a libvirt
managed vm, can already shut it down if he/she really wants to by
connecting with virt-manager or virsh.

The question here is what are reasonable options to show in
a vm-viewer app without overwhelming the user.

Security really does not belong in this discussion, as that should
already be taken care of at the protocol level. Not showing a menu
option is not the answer to not wanting a user to be able to do
certain actions. That is just security by obscurity.

Regards,

Hans










