On Thursday 20 March 2008 19:16:00 Tim Post wrote:
> On Thu, 2008-03-20 at 17:05 +1100, Rusty Russell wrote:
> > + snprintf(memfile_path, PATH_MAX, "%s/.lguest",
> > getenv("HOME") ?: "");
>
> Hi Rusty,
>
> Is that safe if being run via setuid/gid or shared root? It might be
> better to just look it up in /etc/passwd against the real UID,
> considering that anyone can change (or null) that env string.
Hi Tim,
Fair point: it is bogus in this usage case. Of course, setuid-ing lguest
is dumb anyway, since you could use --block= to read and write any file in
the filesystem. The mid-term goal is to allow non-root to run lguest, which
fixes this problem (we don't allow that at the moment, as the guest can pin
memory).
Cheers,
Rusty.
_______________________________________________
Lguest mailing list
Lguest@ozlabs.org
https://ozlabs.org/mailman/listinfo/lguest
