> Considering unix socket itself doesn't really have a UID attached to it,
> it's only the unix path that needs a chmod(), meanwhile the mgmt of course
> knows both the right UID (as specified in -run-with) and the path, would it
> make sense if the mgmt chmod() after it starts dest QEMU? That'll reduce
> the scope of impact to minimum.


I like this solution, but it runs into the issue that the main channel socket
is not created ahead of time, so there isn't an opportunity for the management
layer to change its permissions. The CPR socket is created ahead of time, so we
could use this solution there. I'm not familiar with the history here. Do you
know why the sockets are created at different times?

Thanks,
        Ben




