[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] Image probing: how it can be insecure, and what we coul
|
From: |
Kevin Wolf |
|
Subject: |
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it |
|
Date: |
Mon, 10 Nov 2014 10:14:19 +0100 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Am 10.11.2014 um 09:12 hat Markus Armbruster geschrieben:
> Jeff Cody <address@hidden> writes:
> > So that would mean .img would always require format=, right?
> >
> > That also implies to me that the only extensions for raw that might
> > not require format= would be .iso and .raw.
>
> .img means what we choose it to mean.
>
> If we choose "can mean anything, including raw", then .img always
> requires an explicit format with this approach.
>
> If we choose "means raw", then same as above, except you can omit
> format=raw, and you become prone to opening existing non-raw formats
> raw, which can be bad.
My current thoughts about .img are that we need to consider that
(a) it is occasionally used for multiple image formats and making it
raw unconditionally is going to cause corruption.
(b) looking at file extensions is absolutely useless if we exlucde
.img from the automatic detection because it's still the main
extension for raw.
The common case could probably be covered by bringing probing back into
the game: If an .img file successfully probes for a non-raw format,
error out, avoiding the corruption. If it doesn't, assume raw.
Kevin
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, (continued)
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Kevin Wolf, 2014/11/05
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Kevin Wolf, 2014/11/06
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/07
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/10
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it,
Kevin Wolf <=
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/10
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Jeff Cody, 2014/11/10
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/11
- Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Markus Armbruster, 2014/11/10
Re: [Qemu-devel] Image probing: how it can be insecure, and what we could do about it, Dr. David Alan Gilbert, 2014/11/05