]> git.ipfire.org Git - thirdparty/libvirt.git/commit
projects / thirdparty / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b4ae642) | patch
Make virCommand env handling robust in setuid env
authorDaniel P. Berrange <berrange@redhat.com>
Wed, 9 Oct 2013 10:03:02 +0000 (11:03 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Wed, 30 Oct 2013 11:50:26 +0000 (11:50 +0000)
commit6f5f52c43ffb81adee9400d883692edc7ffab32a
tree8f2026202af9876172637de5fedea9de9ac5d641tree | snapshot
parentb4ae6429e1d019069a34c0ab3d889a81223bc116commit | diff
Make virCommand env handling robust in setuid env

When running setuid, we must be careful about what env vars
we allow commands to inherit from us. Replace the
virCommandAddEnvPass function with two new ones which do
filtering

  virCommandAddEnvPassAllowSUID
  virCommandAddEnvPassBlockSUID

And make virCommandAddEnvPassCommon use the appropriate
ones

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 9b8f307c6ad002a17a0510513883d06395636793)

Conflicts:
src/qemu/qemu_command.c
src/libvirt_private.syms diff | blob | blame | history
src/lxc/lxc_process.c diff | blob | blame | history
src/qemu/qemu_command.c diff | blob | blame | history
src/rpc/virnetsocket.c diff | blob | blame | history
src/util/vircommand.c diff | blob | blame | history
src/util/vircommand.h diff | blob | blame | history
tests/commandtest.c diff | blob | blame | history
Mirror of https://github.com/libvirt/libvirt.git