On 02/17/2014 09:39 AM, Daniel P. Berrange wrote: > Rewrite multiple hotunplug functions to to use the > virProcessRunInMountNamespace helper. This avoids > risk of a malicious guest replacing /dev with a absolute s/a absolute/an absolute/ > symlink, tricking the driver into changing the host OS > filesystem. Worth mentioning the CVE number in any of these commits? Are you planning on backporting to stable branches, or could you use some help on that front? > > Signed-off-by: Daniel P. Berrange <berrange@xxxxxxxxxx> > --- > src/lxc/lxc_driver.c | 79 ++++++++++++++++++++++++++-------------------------- > 1 file changed, 39 insertions(+), 40 deletions(-) ACK. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list