[libvirt] [PATCH 0/3] Fix access controls for virtlockd/virtlogd sockets
Daniel P. Berrangé
berrange at redhat.com
Tue May 21 12:06:24 UTC 2019
This series fixes CVE-2019-10132
It is pushed to master as it was reviewed on the security list
ahead of time.
Daniel P. Berrangé (3):
admin: reject clients unless their UID matches the current UID
locking: restrict sockets to mode 0600
logging: restrict sockets to mode 0600
src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
src/locking/virtlockd-admin.socket.in | 1 +
src/locking/virtlockd.socket.in | 1 +
src/logging/virtlogd-admin.socket.in | 1 +
src/logging/virtlogd.socket.in | 1 +
5 files changed, 26 insertions(+)
--
2.21.0
More information about the libvir-list
mailing list