[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH 2/2] libxl: switch NetBSD image file handling to Qemu
On Thu, 2012-11-29 at 18:18 +0000, Brian Buhrow wrote: > 2. Examine the file and see if it has a signature for QCOW or QCOW2 format. > (How does qemu figure out which it is? Is it a simple bit of code that > could be snagged for re-use?) Alternatively, check to see if it's a raw > image, and, if it is not, call qemu, otherwise, call vnd and use the > existing backend block driver. You should never probe for raw vs qcow (or any other container format) in this way. Imagine a VM with a "raw" disk. A malicious administrator of this VM could write a qcow header to it turning it into a snapshot backed by any path they like in dom0 (say /etc/shadow, ssh host keys, etc). Then they reboot their guest, the probing determines that it is now a qcow image with the given backing file, the VM admin simply reads from the disk to get at the dom0 file. The format of the image must always be specified by the user. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |