On Mon, Oct 15, 2007 at 01:31:47PM +0100, Richard W.M. Jones wrote: > There's an open-ended access control problem here. libvirtd runs as > root and host+path gives a way to read and write any file on the system. > > Better might be to allow the system administrator to configure > directories where backup images, snapshots and so on may be located > (through /etc/libvirtd.conf), and have libvirtd check this, and also > have an additional level of enforcement through SELinux (as is done with > Xen images now). Yep, that is a good idea. Indeed some deployments pretty much require that. When running with SELinux enforcing, only /var/lib/xen/images is a valid location for example. Being able to create/manage files on any part of the filesystem is rather overkill for our needs. Admin defined directory locations should be more than sufficient. Dan. -- |=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=| |=- Perl modules: http://search.cpan.org/~danberr/ -=| |=- Projects: http://freshmeat.net/~danielpb/ -=| |=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=| -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list