]> xenbits.xensource.com Git - libvirt.git/commit
projects / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d665003) | patch
Make virCommand env handling robust in setuid env
authorDaniel P. Berrange <berrange@redhat.com>
Wed, 9 Oct 2013 10:03:02 +0000 (11:03 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Mon, 21 Oct 2013 13:03:52 +0000 (14:03 +0100)
commit9b8f307c6ad002a17a0510513883d06395636793
treeab0796ef71d3305d766666995d25e4922d92495atree
parentd665003da1359410bc4036895a648a7d7256ddaacommit | diff
Make virCommand env handling robust in setuid env

When running setuid, we must be careful about what env vars
we allow commands to inherit from us. Replace the
virCommandAddEnvPass function with two new ones which do
filtering

  virCommandAddEnvPassAllowSUID
  virCommandAddEnvPassBlockSUID

And make virCommandAddEnvPassCommon use the appropriate
ones

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
src/libvirt_private.syms diff | blob | blame | history
src/lxc/lxc_process.c diff | blob | blame | history
src/qemu/qemu_command.c diff | blob | blame | history
src/rpc/virnetsocket.c diff | blob | blame | history
src/util/vircommand.c diff | blob | blame | history
src/util/vircommand.h diff | blob | blame | history
tests/commandtest.c diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.