[libvirt] [PATCH 2/3] qemuDomainAttachDeviceMknodHelper: unlink() not so often
Martin Kletzander
mkletzan at redhat.com
Wed Jan 4 14:32:21 UTC 2017
On Wed, Jan 04, 2017 at 03:23:45PM +0100, Martin Kletzander wrote:
>On Wed, Jan 04, 2017 at 03:13:56PM +0100, Michal Privoznik wrote:
>>Not that I'd encounter any bug here, but the code doesn't look
>>100% correct. Imagine, somebody is trying to attach a device to a
>>domain, and the device's /dev entry already exists in the qemu
>>namespace. This is handled gracefully and the control continues
>>with setting up ACLs and calling security manager to set up
>>labels. Now, if any of these steps fail, control jump on the
>>'cleanup' label and unlink() the file straight away. Even when it
>>was not us who created the file in the first place. This can be
>>possibly dangerous.
>>
>
>"Don't unlink non-existing files" or something similar would be enough,
>I guess :)
>
I forgot to add, ACK.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20170104/c4f12324/attachment-0001.sig>
More information about the libvir-list
mailing list