On Thu, Jun 26, 2014 at 12:18:26PM +0200, Michal Privoznik wrote:
> static virNetworkDriver network_driver = { > diff --git a/src/remote/remote_protocol.x b/src/remote/remote_protocol.x > index 4b75bdb..9d141e9 100644 > --- a/src/remote/remote_protocol.x > +++ b/src/remote/remote_protocol.x > @@ -5419,5 +5431,11 @@ enum remote_procedure { > * @generate: none > * @acl: network:read > */ > - REMOTE_PROC_NETWORK_GET_DHCP_LEASES_FOR_MAC = 342 > + REMOTE_PROC_NETWORK_GET_DHCP_LEASES_FOR_MAC = 342, > + > + /** > + * @generate: both > + * @acl: connect:read

As mentioned against the cover letter we'll need 'connect:write' here I think.

Perhaps we could allow for 'connect:read' if-and-only-if emulatorbin is NULL. i.e. we'd use the combination of arch + machine + virttype to look up the binary in the primary capabilities when emulatorbin is NULL. That would avoid any risk of running arbitrary user-provided paths, and so we're safe to allow connect:read there.

Regards,
Daniel
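
Review bot: the `@acl: connect:read` line in the doc comment added after `REMOTE_PROC_NETWORK_GET_DHCP_LEASES_FOR_MAC = 342,` makes the new procedure reachable from read-only connections. The reply in this thread says the call can take a caller-supplied emulatorbin path, so either change the annotation to `connect:write`, or keep `connect:read` and have the implementation refuse a non-NULL emulatorbin unless the caller also holds write permission. With `@generate: both` the dispatch code is generated, so the commit message should say where that extra check is enforced.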
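
The access rule proposed in the reply above, written out as an added example that is not part of the original message or of libvirt's code. Every type, function and permission name is hypothetical, and the capability rows and paths are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names throughout: permission bits of the calling connection. */
enum perm { PERM_READ = 1, PERM_WRITE = 2 };

/* Constructed sample rows standing in for the driver's primary capabilities. */
static const struct cap_entry {
    const char *arch, *machine, *virttype, *emulator;
} primary_caps[] = {
    { "x86_64",  "pc",   "kvm",  "/usr/bin/qemu-kvm" },
    { "aarch64", "virt", "qemu", "/usr/bin/qemu-system-aarch64" },
};

/* Map arch + machine + virttype to a known emulator; NULL if none matches. */
static const char *lookup_emulator(const char *arch, const char *machine,
                                   const char *virttype)
{
    if (!arch || !machine || !virttype)
        return NULL;
    for (size_t i = 0; i < sizeof(primary_caps) / sizeof(primary_caps[0]); i++) {
        const struct cap_entry *c = &primary_caps[i];
        if (!strcmp(c->arch, arch) && !strcmp(c->machine, machine) &&
            !strcmp(c->virttype, virttype))
            return c->emulator;
    }
    return NULL;
}

/* Return the binary to probe, or NULL when the caller is denied or nothing
 * matches. A caller-supplied emulatorbin needs PERM_WRITE; with emulatorbin
 * NULL, PERM_READ suffices because the path can only come from primary_caps. */
static const char *resolve_emulator(unsigned perms, const char *emulatorbin,
                                    const char *arch, const char *machine,
                                    const char *virttype)
{
    if (emulatorbin != NULL)
        return (perms & PERM_WRITE) ? emulatorbin : NULL;
    if (!(perms & PERM_READ))
        return NULL;
    return lookup_emulator(arch, machine, virttype);
}

int main(void)
{
    const char *p = resolve_emulator(PERM_READ, "/tmp/custom", "x86_64", "pc", "kvm");
    printf("read-only caller, explicit path: %s\n", p ? p : "denied");
    return 0;
}
```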