|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [qemu-xen-4.1-testing] Disable qemu monitor by default. The qemu monitor is an overly
commit d7d453f51459b591faa96d1c123b5bfff7c5b6b6
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date: Thu Sep 6 17:05:30 2012 +0100
Disable qemu monitor by default. The qemu monitor is an overly
powerful feature which must be protected from untrusted (guest)
administrators.
Neither xl nor xend expect qemu to produce this monitor unless it is
explicitly requested.
This is a security problem, XSA-19. Previously it was CVE-2007-0998
in Red Hat but we haven't dealt with it in upstream. We hope to have
a new CVE for it here but we don't have one yet.
Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
(cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
---
vl.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/vl.c b/vl.c
index f07a659..686a9bd 100644
--- a/vl.c
+++ b/vl.c
@@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **envp)
kernel_cmdline = "";
cyls = heads = secs = 0;
translation = BIOS_ATA_TRANSLATION_AUTO;
- monitor_device = "vc:80Cx24C";
+ monitor_device = "null";
serial_devices[0] = "vc:80Cx24C";
for(i = 1; i < MAX_SERIAL_PORTS; i++)
--
generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |