Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qem

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qem

From:	Anthony Liguori
Subject:	Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu
Date:	Sat, 07 Nov 2009 16:12:36 -0600
User-agent:	Thunderbird 2.0.0.23 (X11/20090825)

Arnd Bergmann wrote:

Well, the difference matters from a security perspective. The sudo
script that Avi suggested just means that you can guarantee you don't
introduce any security holes through a suid executable. Fortunately,
it does not impact the contents of your helper either, only the
installation. You could even be clever in qemu and use call the helper
using sudo if qemu is running as unpriviledged user and the helper is
not a suid file.

Or just use fscaps and not even work about suid :-) That's thepreferred model.


Regards,

Anthony Liguori

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu, (continued)

Prev by Date: Re: [Qemu-devel] [PATCH 4/4] Add support for -net bridge
Next by Date: [Qemu-devel]question:arm's mutli-core emulator
Previous by thread: Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu
Next by thread: Re: [Qemu-devel] [PATCH 0/4] net-bridge: rootless bridge support for qemu
Index(es):
- Date
- Thread