On Fri, Aug 26, 2011 at 01:18:49PM +0300, Sasha Levin wrote:
> On Fri, 2011-08-26 at 09:04 +0100, Richard W.M. Jones wrote:
> > On Fri, Aug 26, 2011 at 09:22:45AM +0300, Sasha Levin wrote:
> > > On Thu, 2011-08-25 at 16:25 +0000, Decker, Schorschi wrote:
> > > > 2) implement the feature as an agent in the guest OS where the
> > > > hypervisor can only query the guest OS agent, using a standard TCP/IP
> > > > methodology.
> > >
> > > I was planning to implement it by probing the image before
> > > actually booting it. This process is completely offline and doesn't
> > > require interaction with the guest. The guest isn't even running at
> > > that point.
> >
> > There are still plenty of security issues to be concerned about with
> > handling an offline guest. It is quite possible for such a guest to
> > be booby-trapped in a way that allows an exploit. I summarised some
> > of the issues I thought about here, but there are likely to be others:
> >
> > http://libguestfs.org/guestfs.3.html#security
>
> That was an interesting read.
>
> Are the concerns still valid if we were going to boot the image anyway
> later on?

Yes.

Rich.

--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines. Supports shell scripting,
bindings from many languages. http://libguestfs.org