Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

Anthony, Am 31.05.2013 20:48, schrieb Anthony Liguori: Applied. Thanks. I don't see this applied, neither in qemu-stable-1.1.git nor in qemu.git stable-1.1 branch? Do we have an active maintainer for 1.1 or 1.3? Unfortunately qemu.git MAINTAINERS has not been updated with stable branches and

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

Andreas Färber afaer...@suse.de writes: Anthony, Am 31.05.2013 20:48, schrieb Anthony Liguori: Applied. Thanks. I don't see this applied, neither in qemu-stable-1.1.git nor in qemu.git stable-1.1 branch? Right, 1.1 is EOL. Do we have an active maintainer for 1.1 or 1.3? Unfortunately

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

Applied. Thanks. Regards, Anthony Liguori

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

On 05/27/13 02:19, Andreas Färber wrote: Am 27.05.2013 02:11, schrieb Laszlo Ersek: Also, a side-note: existing world-writable log files etc. are not recreated nor have their modes changed, so maybe a release note or some such would be useful for admins (delete your previous logfile

[Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

From: Laszlo Ersek ler...@redhat.com The qemu guest agent creates a bunch of files with insecure permissions when started in daemon mode. For example: -rw-rw-rw- 1 root root /var/log/qemu-ga.log -rw-rw-rw- 1 root root /var/run/qga.state -rw-rw-rw- 1 root root /var/log/qga-fsfreeze-hook.log

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

On 05/26/13 15:34, Andreas Färber wrote: From: Laszlo Ersek ler...@redhat.com The qemu guest agent creates a bunch of files with insecure permissions when started in daemon mode. For example: -rw-rw-rw- 1 root root /var/log/qemu-ga.log -rw-rw-rw- 1 root root /var/run/qga.state

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

On 05/27/13 02:11, Laszlo Ersek wrote: On 05/26/13 15:34, Andreas Färber wrote: From: Laszlo Ersek ler...@redhat.com The qemu guest agent creates a bunch of files with insecure permissions when started in daemon mode. For example: -rw-rw-rw- 1 root root /var/log/qemu-ga.log -rw-rw-rw-

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

Am 27.05.2013 02:11, schrieb Laszlo Ersek: On 05/26/13 15:34, Andreas Färber wrote: From: Laszlo Ersek ler...@redhat.com The qemu guest agent creates a bunch of files with insecure permissions when started in daemon mode. For example: -rw-rw-rw- 1 root root /var/log/qemu-ga.log

Re: [Qemu-devel] [PATCH stable-1.1] qga: set umask 0077 when daemonizing (CVE-2013-2007)

On 05/27/13 02:19, Andreas Färber wrote: Am 27.05.2013 02:11, schrieb Laszlo Ersek: Do you plan to backport 8fe6bbc qga: distinguish binary modes in guest_file_open_modes map 2b72001 qga: unlink just created guest-file if fchmod() or fdopen() fails on it too? These are