[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-changelog] [qemu-xen-4.1-testing] Disable qemu monitor by default. The qemu monitor is an overly



commit d7d453f51459b591faa96d1c123b5bfff7c5b6b6
Author: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
Date:   Thu Sep 6 17:05:30 2012 +0100

    Disable qemu monitor by default.  The qemu monitor is an overly
    powerful feature which must be protected from untrusted (guest)
    administrators.
    
    Neither xl nor xend expect qemu to produce this monitor unless it is
    explicitly requested.
    
    This is a security problem, XSA-19.  Previously it was CVE-2007-0998
    in Red Hat but we haven't dealt with it in upstream.  We hope to have
    a new CVE for it here but we don't have one yet.
    
    Signed-off-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
    (cherry picked from commit bacc0d302445c75f18f4c826750fb5853b60e7ca)
---
 vl.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/vl.c b/vl.c
index f07a659..686a9bd 100644
--- a/vl.c
+++ b/vl.c
@@ -4910,7 +4910,7 @@ int main(int argc, char **argv, char **envp)
     kernel_cmdline = "";
     cyls = heads = secs = 0;
     translation = BIOS_ATA_TRANSLATION_AUTO;
-    monitor_device = "vc:80Cx24C";
+    monitor_device = "null";
 
     serial_devices[0] = "vc:80Cx24C";
     for(i = 1; i < MAX_SERIAL_PORTS; i++)
--
generated by git-patchbot for /home/xen/git/qemu-xen-4.1-testing.git

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.