qemu/qga
Laszlo Ersek c689b4f1ba qga: set umask 0077 when daemonizing (CVE-2013-2007)
The qemu guest agent creates a bunch of files with insecure permissions
when started in daemon mode. For example:

  -rw-rw-rw- 1 root root /var/log/qemu-ga.log
  -rw-rw-rw- 1 root root /var/run/qga.state
  -rw-rw-rw- 1 root root /var/log/qga-fsfreeze-hook.log

In addition, at least all files created with the "guest-file-open" QMP
command, and all files created with shell output redirection (or
otherwise) by utilities invoked by the fsfreeze hook script are affected.

For now mask all file mode bits for "group" and "others" in
become_daemon().

Temporarily, for compatibility reasons, stick with the 0666 file-mode in
case of files newly created by the "guest-file-open" QMP call. Do so
without changing the umask temporarily.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-07 06:46:26 -05:00
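
The two file-creation behaviours the commit message describes, as an added example that is not QEMU's code: a file created normally under umask 0077 ends up 0600, while a file that must keep mode 0666 is created exclusively with no permission bits and then set with fchmod(), leaving the process umask unchanged. The function names and the scratch paths under /tmp are assumptions made for this sketch.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of an open file, or (mode_t)-1 on error. */
static mode_t perm_bits(int fd)
{
    struct stat st;
    return fstat(fd, &st) == 0 ? (mode_t)(st.st_mode & 07777) : (mode_t)-1;
}

/* Ordinary creation: the kernel clears every bit set in the umask. */
mode_t create_with_umask(const char *path, mode_t requested)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, requested);
    if (fd < 0)
        return (mode_t)-1;
    mode_t got = perm_bits(fd);
    close(fd);
    return got;
}

/* Exact mode without touching the umask: create exclusively with no
 * permission bits, then fchmod(), which the umask does not filter. */
mode_t create_exact(const char *path, mode_t exact)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0);
    if (fd < 0)
        return (mode_t)-1;
    mode_t got = fchmod(fd, exact) == 0 ? perm_bits(fd) : (mode_t)-1;
    close(fd);
    return got;
}

int main(void)
{
    char dir[] = "/tmp/umask-demo-XXXXXX";   /* constructed scratch dir */
    char log_path[64], gf_path[64];
    if (!mkdtemp(dir)) return 1;
    snprintf(log_path, sizeof log_path, "%s/daemon.log", dir);
    snprintf(gf_path, sizeof gf_path, "%s/guest-file", dir);
    umask(0077);                             /* as a daemon would at startup */
    printf("log file:   %04o\n", (unsigned)create_with_umask(log_path, 0666));
    printf("guest file: %04o\n", (unsigned)create_exact(gf_path, 0666));
    unlink(log_path); unlink(gf_path); rmdir(dir);
    return 0;
}
```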
channel-posix.c qemu-ga: Handle errors uniformely in ga_channel_open() 2013-01-14 12:08:05 -06:00
channel-win32.c qemu-ga: fix confusing GAChannelMethod comparison 2013-03-11 18:53:46 -05:00
channel.h
commands-posix.c qga: set umask 0077 when daemonizing (CVE-2013-2007) 2013-05-07 06:46:26 -05:00
commands-win32.c qga: add windows implementation for guest-set-time 2013-04-02 09:06:11 -05:00
commands.c qemu-ga: Fix unchecked strdup() by converting to g_strdup() 2013-01-30 11:14:46 +01:00
guest-agent-command-state.c
guest-agent-core.h qemu-ga: use key-value store to avoid recycling fd handles after restart 2013-03-11 18:53:47 -05:00
main.c qga: set umask 0077 when daemonizing (CVE-2013-2007) 2013-05-07 06:46:26 -05:00
Makefile.objs qemu-ga: move qemu-ga files to qga/ 2012-12-19 08:31:30 +01:00
qapi-schema.json qga schema: document generic QERR_UNSUPPORTED 2013-04-02 09:06:11 -05:00
service-win32.c qga: cast to int for DWORD type 2013-03-11 18:53:46 -05:00
service-win32.h qemu-ga: add Windows service integration 2012-02-23 15:43:50 -06:00