[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [virt-tools-list] [RFC PATCH 2/2] virt-manager: make cache directories accessible only to the owner



Cole Robinson <crobinso redhat com> writes:

> On 11/01/2013 12:49 PM, Giuseppe Scrivano wrote:
>> There are no reasons to expose cache files to everyone so restrict the
>> access to the owner.
>> 
>> Signed-off-by: Giuseppe Scrivano <gscrivan redhat com>
>> ---
>>  virtManager/connection.py   | 2 +-
>>  virtManager/domain.py       | 2 +-
>>  virtinst/cli.py             | 2 +-
>>  virtinst/distroinstaller.py | 2 +-
>>  virtinst/urlfetcher.py      | 2 +-
>>  virtinst/util.py            | 2 +-
>>  6 files changed, 6 insertions(+), 6 deletions(-)
>> 
>
> With old enough libvirt, where vol upload isn't available, virt-manager will
> download kernel/initrd to the cache dir, and the launched qemu process needs
> to access them in place.
>
> virt-manager already has some logic to ask the user if we can fix these
> permissions which might do the job here, but I wouldn't want to apply this
> patch until its explicitly tested. Easiest is just to leave it as is.

ok thanks.  I was just afraid that now we also create ~/.cache if not
available and we may expose files we don't want to be accessible to
everyone (or files created by other applications that we don't know
about).

Regards,
Giuseppe


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]