[fedora-virt] libguestfs best practices: Exposing files from the host for the duration of a session
Charles Duffy
charles at dyfis.net
Fri May 29 07:46:28 UTC 2009
Michael Ansel wrote:
> 1) root (UID=0, everywhere) is the only one installing packages, so
> the UID mapping lines up perfectly every time
libguestfs in general, and host filesystem access in particular, is good
for more than just installing packages, though admittedly that's my
immediate use case.
> 2) you only need root access on the host once when you are building
> the VM; you don't need NFS after it is already built
>
Even if there were no use case for access to files off the host other
than early installation --
Why is it acceptable for libguestfs to require root access *ever*, when
so many alternate transport mechanisms (9p, ccgfs, FTP, qemu's built in
smb, etc) are available which wouldn't create this constraint?
If I'm building a piece of software invoked by untrusted users in a lab
environment, I don't want that software to need, or have any means to
access, root. Ever. For anything, at all.
By the way -- I'm tired too (normal wakeup time in ~3.25 hours), so
please excuse my tone if it's a bit harsh.
More information about the Fedora-virt
mailing list