[Lguest] [RFC PATCH 1/5] lguest: mmap backing file
Rusty Russell
rusty at rustcorp.com.au
Fri Mar 21 11:29:03 EST 2008
On Thursday 20 March 2008 19:16:00 Tim Post wrote:
> On Thu, 2008-03-20 at 17:05 +1100, Rusty Russell wrote:
> > + snprintf(memfile_path, PATH_MAX, "%s/.lguest",
> > getenv("HOME") ?: "");
>
> Hi Rusty,
>
> Is that safe if being run via setuid/gid or shared root? It might be
> better to just look it up in /etc/passwd against the real UID,
> considering that anyone can change (or null) that env string.
Hi Tim,
Fair point: it is bogus in this usage case. Of course, setuid-ing lguest
is dumb anyway, since you could use --block= to read and write any file in
the filesystem. The mid-term goal is to allow non-root to run lguest, which
fixes this problem (we don't allow that at the moment, as the guest can pin
memory).
Cheers,
Rusty.
More information about the Lguest
mailing list