[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing opti
|
From: |
Markus Armbruster |
|
Subject: |
Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment |
|
Date: |
Sat, 06 Jul 2019 06:02:18 +0200 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.2 (gnu/linux) |
Philippe Mathieu-Daudé <address@hidden> writes:
> On 7/5/19 3:19 PM, Markus Armbruster wrote:
>> Philippe Mathieu-Daudé <address@hidden> writes:
>>> On 7/5/19 10:07 AM, Stefan Hajnoczi wrote:
>>>> On Thu, Jul 04, 2019 at 11:28:37AM +0100, Daniel P. Berrangé wrote:
>>>>> On Thu, Jul 04, 2019 at 11:24:57AM +0100, Stefan Hajnoczi wrote:
[...]
>>>>>> What is the concern about adding these environment variables to QEMU?
>>>>>>
>>>>>> It is convenient to be able to use tracing even if QEMU is invoked by
>>>>>> something you cannot modify/control.
>>>>>>
>>>>>> The main issues I see with environment variables are:
>>>>>>
>>>>>> 1. Security. Is there a scenario where an attacker can use environment
>>>>>> variables to influence the behavior of a QEMU process running at a
>>>>>> different trust level?
>>
>> The common (and sad) solution for this is to require whatever runs $PROG
>> at a different trust level to scrub the environment.
>
> I hope people concerned by security build QEMU with the NOP trace backend.
I sure hope at least one of our tracing backends (other than nop) can be
used safely in production.
>>>>>> 2. Name collision. What is the chance that existing users already
>>>>>> define environment variables with these names and that unexpected
>>>>>> behavior could result?
[...]
- [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Philippe Mathieu-Daudé, 2019/07/03
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Daniel P . Berrangé, 2019/07/03
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Philippe Mathieu-Daudé, 2019/07/03
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Stefan Hajnoczi, 2019/07/04
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Daniel P . Berrangé, 2019/07/04
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Stefan Hajnoczi, 2019/07/05
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Philippe Mathieu-Daudé, 2019/07/05
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Markus Armbruster, 2019/07/05
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Philippe Mathieu-Daudé, 2019/07/05
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment,
Markus Armbruster <=
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Daniel P . Berrangé, 2019/07/08
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Philippe Mathieu-Daudé, 2019/07/08
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Daniel P . Berrangé, 2019/07/08
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Markus Armbruster, 2019/07/09
- Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, Stefan Hajnoczi, 2019/07/09
Re: [Qemu-devel] [RFC PATCH-for-4.2] tracing: Allow to tune tracing options via the environment, no-reply, 2019/07/03