[libvirt] [PATCH v2 REPOST 2/8] Qemu arbitrary command-line arguments.
Eric Blake
eblake at redhat.com
Fri Jul 2 13:32:29 UTC 2010
On 07/02/2010 07:29 AM, Chris Lalancette wrote:
>> Technically, any string that does not contain = can be inserted as an
>> environment name, but then you can't access them from the shell. So
>> it's best to restrict environment names to portable names (basically,
>> the same set as shell variable names).
>
> Interesting point. Since we are directly invoking qemu with execve, in
> theory, qemu could access an environment name that doesn't conform to the
> shell's rules. That being said, since many people are invoking qemu through
> a shell, I doubt qemu would do something like that.
>
> So what do we think; add the restriction, or no?
I'm in favor of adding the restriction. Otherwise, we are allowing a
backdoor where libvirt can make qemu do something that regular shell
invocation of qemu cannot.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20100702/20cc07cd/attachment-0001.sig>
More information about the libvir-list
mailing list