[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 2/2] docs: replace insecure /tmp examples in qsd docs
From: |
Daniel P . Berrangé |
Subject: |
Re: [PATCH v3 2/2] docs: replace insecure /tmp examples in qsd docs |
Date: |
Mon, 1 Mar 2021 18:28:17 +0000 |
User-agent: |
Mutt/2.0.5 (2021-01-21) |
On Mon, Mar 01, 2021 at 05:27:28PM +0000, Stefan Hajnoczi wrote:
> World-writeable directories have security issues. Avoid showing them in
> the documentation since someone might accidentally use them in
> situations where they are insecure.
>
> There tend to be 3 security problems:
> 1. Denial of service. An adversary may be able to create the file
> beforehand, consume all space/inodes, etc to sabotage us.
> 2. Impersonation. An adversary may be able to create a listen socket and
> accept incoming connections that were meant for us.
> 3. Unauthenticated client access. An adversary may be able to connect to
> us if we did not set the uid/gid and permissions correctly.
>
> These can be prevented or mitigated with private /tmp, carefully setting
> the umask, etc but that requires special action and does not apply to
> all situations. Just avoid using /tmp in examples.
>
> Reported-by: Richard W.M. Jones <rjones@redhat.com>
> Reported-by: Daniel P. Berrangé <berrange@redhat.com>
> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
> ---
> docs/tools/qemu-storage-daemon.rst | 7 ++++---
> 1 file changed, 4 insertions(+), 3 deletions(-)
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|