Kees: I know about the wiki page - I'm the one who edited it to note this issue. It is not true that file capabilities only work in Lucid - I am using Karmic and it works fine. libcap2-bin is also not a PAM package. It is also not true that you need to manually add users to /etc/security/capability.conf. I will corrrect these points in the Wiki.
It is true that with CAP_NET_ADMIN capability any user could boot a VM and gain access to a virtual ethernet device. That's the whole point. I would assume that the majority of people installing qemu would actually want to be able to create bridged virtual ethernet devices. VirtualBox allows normal users to create bridged ethernet devices that could be used to "disrupt networking". Why should qemu be different? If you are concerned about users directly abusing the capability with their own software then this is not possible - giving the qemu binary the capability means that only that binary gets the capability - other binaries executed by the same user do not get the capability. Access to /dev/net/tun can still be controlled using standard file permissions as usual. Using a file capability would obviously be preferable as it would not require individual users to be manually assigned the capability, and could be done in postinst and would survive qemu package upgrades. The only way someone could disrupt the network in this way is if they: 1) Were allowed to run qemu 2) Had rw access to /dev/net/tun 3) Had some exploit for qemu to allow them to run some arbitrary network disrupting code Basically, whatever potential problems there are, the same problems are also present in VirtualBox, and yet that ships with working network bridging for VMs (the mechanism is different, but the fundamental problems are the same). Why can't qemu have working bridged networking? Why not create a "tun" group that has rw access to /dev/net/tun if that is the problem you are trying to avoid? And if making the existing package work is unacceptable, then why not create a "qemu-kvm-working-bridged-networking" package and recommend that users who want bridged network use that instead? -- qemu no tun/tap networking https://bugs.launchpad.net/bugs/103010 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
