[virt-tools-list] [RFC PATCH 2/2] virt-manager: make cache directories accessible only to the owner
Giuseppe Scrivano
gscrivan at redhat.com
Tue Nov 5 17:22:22 UTC 2013
Cole Robinson <crobinso at redhat.com> writes:
> On 11/01/2013 12:49 PM, Giuseppe Scrivano wrote:
>> There are no reasons to expose cache files to everyone so restrict the
>> access to the owner.
>>
>> Signed-off-by: Giuseppe Scrivano <gscrivan at redhat.com>
>> ---
>> virtManager/connection.py | 2 +-
>> virtManager/domain.py | 2 +-
>> virtinst/cli.py | 2 +-
>> virtinst/distroinstaller.py | 2 +-
>> virtinst/urlfetcher.py | 2 +-
>> virtinst/util.py | 2 +-
>> 6 files changed, 6 insertions(+), 6 deletions(-)
>>
>
> With old enough libvirt, where vol upload isn't available, virt-manager will
> download kernel/initrd to the cache dir, and the launched qemu process needs
> to access them in place.
>
> virt-manager already has some logic to ask the user if we can fix these
> permissions which might do the job here, but I wouldn't want to apply this
> patch until its explicitly tested. Easiest is just to leave it as is.
ok thanks. I was just afraid that now we also create ~/.cache if not
available and we may expose files we don't want to be accessible to
everyone (or files created by other applications that we don't know
about).
Regards,
Giuseppe
More information about the virt-tools-list
mailing list