]> git.ipfire.org Git - thirdparty/libvirt.git/commit
projects / thirdparty / libvirt.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 2a07c99) | patch
remote: enforce ACL write permission for getting guest time & hostname
authorDaniel P. Berrangé <berrange@redhat.com>
Wed, 27 Mar 2019 11:22:49 +0000 (11:22 +0000)
committerDaniel P. Berrangé <berrange@redhat.com>
Thu, 11 Apr 2019 14:21:53 +0000 (15:21 +0100)
commitae076bb40e0e150aef41361b64001138d04d6c60
tree914e80a6860a95e96fb34692582d473b9f2a7df3tree
parent2a07c990bd9143d7a0fe8d1b6b7c763c52185240commit | diff
remote: enforce ACL write permission for getting guest time & hostname

Getting the guest time and hostname both require use of guest agent
commands. These must not be allowed for read-only users, so the
permissions check must validate "write" permission not "read".

Fixes CVE-2019-3886
Reviewed-by: Jim Fehlig <jfehlig@suse.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
src/remote/remote_protocol.x diff | blob | blame | history
Mirror of https://github.com/libvirt/libvirt.git