[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Libguestfs] [PATCH] libvirt: disallow non-local connections (RHBZ#1347830)



Not that I'm opposed to this patch, but there's a bit of history here:

https://www.redhat.com/archives/libguestfs/2012-December/msg00120.html

I think it would be good for libvirt to address the "is remote" issue,
which libvirt is (in theory) in the best place to address, eg by
comparing systemd /etc/machine-id on both systems.

Then we could use that to deny remote URIs, but probably we wouldn't
want to deny it completely, but allow a way for callers to bypass the
check if they know better.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]