[libvirt] [PATCHv2 1/5] domifaddr: Implement the public API
Eric Blake
eblake at redhat.com
Wed Aug 21 20:06:32 UTC 2013
On 08/18/2013 01:19 AM, Osier Yang wrote:
>>> +
>>> + if (!VIR_IS_CONNECTED_DOMAIN(dom)) {
>>> + virLibDomainError(VIR_ERR_INVALID_DOMAIN, __FUNCTION__);
>>> + goto error;
>>> + }
>>> +
>> I wonder if we need to add a check for VIR_CONNECT_RO in this method.
>> Not sure whether is a good idea to expose the list of IP addrs to an
>> unprivileged client or not.
>
> All the API does is reading, no writing action is involved. So no RO
> checking is needed. Any problem of the unpriviledge client gets
> IP addrs of its own guests?
I also don't see a reason to add VIR_CONNECT_RO - UNLESS the way we
populate IP addresses is by asking the guest agent [hmm - @flags
probably ought to have multiple values, based on WHICH method is used
for querying IP addresses (a guest agent, vs. management of the dhcp
server, vs. traffic snooping) - and if a guest agent is involved, then
that particular use case must forbid read-only connections (we already
decided that any interaction with an untrusted guest-agent must be
limited to read-write connections to avoid problems).
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 621 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20130821/9ca8455d/attachment-0001.sig>
More information about the libvir-list
mailing list