[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 23/24] vhost-user-fs: Implement drop CAP_FSETID functionality
From: |
Stefan Hajnoczi |
Subject: |
Re: [PATCH 23/24] vhost-user-fs: Implement drop CAP_FSETID functionality |
Date: |
Mon, 15 Feb 2021 15:57:11 +0000 |
On Thu, Feb 11, 2021 at 09:40:31AM -0500, Vivek Goyal wrote:
> On Thu, Feb 11, 2021 at 02:35:42PM +0000, Stefan Hajnoczi wrote:
> > On Tue, Feb 09, 2021 at 07:02:23PM +0000, Dr. David Alan Gilbert (git)
> > wrote:
> > > From: Vivek Goyal <vgoyal@redhat.com>
> > >
> > > As part of slave_io message, slave can ask to do I/O on an fd.
> > > Additionally
> > > slave can ask for dropping CAP_FSETID (if master has it) before doing I/O.
> > > Implement functionality to drop CAP_FSETID and gain it back after the
> > > operation.
> > >
> > > This also creates a dependency on libcap-ng.
> >
> > Is this patch only for the case where QEMU is running as root?
> >
>
> Yes, it primarily is for the case where qemu is running as root, or
> somebody managed to launch it non-root but with still having capability
> CAP_FSETID.
Running QEMU as root is not encouraged because the security model is
designed around the principle of least privilege (only give QEMU access
to resources that belong to the guest).
What happens in the case where QEMU is not root? Does that mean QEMU
will drop suid/guid bits even if the FUSE client wanted them to be
preserved?
Stefan
signature.asc
Description: PGP signature
- [PATCH 17/24] DAX/unmap virtiofsd: Add wrappers for VHOST_USER_SLAVE_FS_IO, (continued)
- [PATCH 17/24] DAX/unmap virtiofsd: Add wrappers for VHOST_USER_SLAVE_FS_IO, Dr. David Alan Gilbert (git), 2021/02/09
- [PATCH 20/24] DAX/unmap virtiofsd: route unmappable write to slave command, Dr. David Alan Gilbert (git), 2021/02/09
- [PATCH 21/24] DAX:virtiofsd: implement FUSE_INIT map_alignment field, Dr. David Alan Gilbert (git), 2021/02/09
- [PATCH 22/24] vhost-user-fs: Extend VhostUserFSSlaveMsg to pass additional info, Dr. David Alan Gilbert (git), 2021/02/09
- [PATCH 16/24] DAX/unmap: virtiofsd: Add VHOST_USER_SLAVE_FS_IO, Dr. David Alan Gilbert (git), 2021/02/09
- [PATCH 23/24] vhost-user-fs: Implement drop CAP_FSETID functionality, Dr. David Alan Gilbert (git), 2021/02/09
[PATCH 24/24] virtiofsd: Ask qemu to drop CAP_FSETID if client asked for it, Dr. David Alan Gilbert (git), 2021/02/09