[Libguestfs] [PATCH 0/5] rbd improvements

Mike Kelly pioto at pioto.org
Sun May 12 18:42:36 UTC 2013

On Thu, May 9, 2013 at 12:21 PM, Richard W.M. Jones <rjones at redhat.com> wrote:
> On Thu, May 09, 2013 at 11:23:55AM -0400, Mike Kelly wrote:
>> On Wed, May 8, 2013 at 6:53 AM, Richard W.M. Jones <rjones at redhat.com> wrote:
>> > One worry I have is whether quoting is required for the server
>> > name(s), export name, username and secret.
>> Well. I think the main things we had to quote were ':' and ';', but
>> none of those are valid in a hostname. Username also probably doesn't
>> contain anything special, and secret is a base64-encoded string. I
>> confirmed that even with the string ending in '==', it was parsed just
>> fine by qemu, at least in my limited manual testing.
>> If you can suggest a way to be more robust about this, though, then I can
>> try to work that into a future patch series.
> The quoting problem happens when someone writes a program which takes
> (eg) a hostname string from the user and passes it unmodified to the
> guestfs API.  It's an issue if this string can cause unexpected [even
> malicious/exploitable] things to happen when passed unquoted on the
> qemu command line.

Well, I'm not sure if this way of setting things up is still
encouraged, but at least this documentation suggests basically using
the fact that libvirt won't quote the image name as a "feature":


   <disk type='network' device='disk'>
      <source protocol='rbd'
      <driver name='qemu' type='rbd'/>
      <target dev='vda' bus='virtio'/>

The more official documentation for configuring caching doesn't seem
to make any specific mention of this:


Mike Kelly
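
The concern raised in the quoted text above, shown as an added example (not libguestfs code and not part of the original message): each field is checked against its own allowlist before anything is composed into a qemu rbd argument, so ':' and ';' can never arrive unquoted. The function names, length limits and "pool/image" export form are assumptions made for illustration; IPv6 literals are rejected by design.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical names throughout; result identifies the first bad field. */
enum rbd_field { RBD_OK = 0, RBD_BAD_SERVER, RBD_BAD_EXPORT, RBD_BAD_USER, RBD_BAD_SECRET };

/* Non-empty, at most max bytes, every byte alphanumeric or listed in extra. */
static int only_chars(const char *s, const char *extra, size_t max)
{
    size_t n = s ? strlen(s) : 0;
    if (n == 0 || n > max) return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && !strchr(extra, s[i]))
            return 0;
    return 1;
}

/* Assumed form "pool/image": exactly one '/', both sides non-empty. */
static int is_export(const char *s)
{
    const char *slash = s ? strchr(s, '/') : NULL;
    if (!slash || slash == s || slash[1] == '\0' || strchr(slash + 1, '/'))
        return 0;
    return only_chars(s, "._-/", 255);
}

/* Base64 alphabet, length a multiple of 4, at most two trailing '='. */
static int is_base64(const char *s)
{
    size_t n = s ? strlen(s) : 0, pad = 0;
    if (n == 0 || n % 4 != 0) return 0;
    while (pad < 2 && s[n - 1 - pad] == '=')
        pad++;
    for (size_t i = 0; i < n - pad; i++)
        if (!isalnum((unsigned char)s[i]) && s[i] != '+' && s[i] != '/')
            return 0;
    return 1;
}

/* Validate all four caller-supplied strings; reject rather than try to quote. */
enum rbd_field rbd_check(const char *server, const char *export_name,
                         const char *username, const char *secret)
{
    if (!only_chars(server, ".-", 253) || server[0] == '-' || server[0] == '.')
        return RBD_BAD_SERVER;
    if (!is_export(export_name)) return RBD_BAD_EXPORT;
    if (!only_chars(username, "._-", 64)) return RBD_BAD_USER;
    if (!is_base64(secret)) return RBD_BAD_SECRET;
    return RBD_OK;
}
```

With several servers, call the check once per server name.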
