Re: [Libguestfs] [PATCH] libvirt: disallow non-local connections (RHBZ#1347830)

Tuesday, 27 June 2017

Not that I'm opposed to this patch, but there's a bit of history here:

https://www.redhat.com/archives/libguestfs/2012-December/msg00120.html

I think it would be good for libvirt to address the "is remote" issue,
which libvirt is (in theory) in the best place to address, eg by
comparing systemd /etc/machine-id on both systems.

Then we could use that to deny remote URIs, but probably we wouldn't
want to deny it completely, but allow a way for callers to bypass the
check if they know better.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-builder quickly builds VMs from scratch
http://libguestfs.org/virt-builder.1.html

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

Re: [Libguestfs] [PATCH] libvirt: disallow non-local connections (RHBZ#1347830)