On Wed, Jan 11, 2017 at 18:07:19 +0100, Michal Privoznik wrote:
> On 01/11/2017 06:04 PM, Daniel P. Berrange wrote:
> > On Wed, Jan 11, 2017 at 05:43:16PM +0100, Michal Privoznik wrote:
> >> So far the decision whether /dev/* entry is created in the qemu
> >> namespace is really simple: does the path start with "/dev/"?
> >> This can be easily fooled by providing path like the following
> >> (for any considered device like disk, rng, chardev, ..):
> >>
> >> /dev/../var/lib/libvirt/images/disk.qcow2
> >
> > Did you find someone/thing that was actually doing that?
>
> No, but Martin asked me about that when talking about namespaces and I
> thought of trying that out. The domain startup did not fail, but only
> because of 3aae99fe71 which made mknod() not error out on EEXIST.

While this specific case may be rare, /some/path/uuid1/uuid2/uuid3 paths
which (through several chained symlinks) actually end up being
/dev/something are pretty common :-)

Jirka

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
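The two cases raised in this thread (a "/dev/../" path that passes a literal prefix test, and a symlink chain outside /dev that ends at a device node), shown as an added example that is not part of the thread and is not libvirt code. The helper names are hypothetical, and resolving with POSIX realpath() before testing the prefix is an assumption about one way to make the check robust, not a description of the actual patch.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE /* declarations of realpath(), mkdtemp(), symlink() */
#endif
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper: the literal prefix test from the commit message. */
int dev_prefix_naive(const char *path)
{
    return strncmp(path, "/dev/", 5) == 0;
}

/* Hypothetical helper: resolve ".." and symlinks, then test the prefix.
 * Returns 1 if under /dev, 0 if not, -1 if the path cannot be resolved. */
int dev_prefix_resolved(const char *path)
{
    char real[PATH_MAX];
    if (!realpath(path, real))
        return -1;
    return strncmp(real, "/dev/", 5) == 0;
}

/* Constructed sample: tmpdir/b -> tmpdir/a -> /dev/null. Runs the naive
 * (resolve == 0) or resolving check on tmpdir/b; -1 on setup failure. */
int chain_check(int resolve)
{
    char dir[] = "/tmp/devchk-XXXXXX";
    char a[64], b[64];
    int ret = -1;
    if (!mkdtemp(dir))
        return -1;
    snprintf(a, sizeof(a), "%s/a", dir);
    snprintf(b, sizeof(b), "%s/b", dir);
    if (symlink("/dev/null", a) == 0 && symlink(a, b) == 0)
        ret = resolve ? dev_prefix_resolved(b) : dev_prefix_naive(b);
    unlink(b);
    unlink(a);
    rmdir(dir);
    return ret;
}

int main(void)
{
    printf("/dev/../ naive=%d resolved=%d\n",
           dev_prefix_naive("/dev/../"), dev_prefix_resolved("/dev/../"));
    printf("chain    naive=%d resolved=%d\n", chain_check(0), chain_check(1));
    return 0;
}
```

The literal test errs in both directions: it accepts a path that leaves /dev and misses a path that resolves into it. realpath() fails on paths that do not exist, so callers need to handle the -1 result explicitly.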