Hi,

If the virt-install tool creates a new disk image, it gets world-readable
and executable permissions, neither of which it needs, and the former
of which could be a security hole on some systems.

It would appear the reason for this is that Python's os.open() defaults
to mode 0777 if none is explicitly specified, which is how it is used
in the virt-install code.

I've just sent a patch to fix this to the upstream list against the
current git head.  I'm not sure what your plans are for getting the
current release out of experimental and into jessie, but fixing this
for the version in sid would be reasonably trivial too.

Just grep for O_CREAT, and in the 4 places it is found add ', 0640'
to the open() call.  The disk images shouldn't need any more generous
permission than that.

  Cheers,
  Ron
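
The following is an added example, not part of the original message and not virt-install's code. It shows the permission bits a file gets from os.open() with O_CREAT when no mode is passed versus an explicit 0640 (written 0o640 in Python 3), and a small AST check that does the "grep for O_CREAT" step by flagging os.open() calls that create files without a mode. The names created_mode, find_modeless_creates and SAMPLE are hypothetical, and SAMPLE is constructed input.

```python
import ast, os, stat, tempfile

def created_mode(mode=None, umask=0o022):
    """Create a file via os.open(O_CREAT) and return its permission bits."""
    old = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            path = os.path.join(d, "disk.img")
            flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL
            # With no mode argument, os.open() requests 0o777 (minus the umask).
            fd = os.open(path, flags) if mode is None else os.open(path, flags, mode)
            os.close(fd)
            return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(old)

def find_modeless_creates(source):
    """Return line numbers of os.open() calls that pass O_CREAT but no mode."""
    hits = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call)
                and isinstance(node.func, ast.Attribute)
                and node.func.attr == "open"
                and isinstance(node.func.value, ast.Name)
                and node.func.value.id == "os"):
            continue
        has_mode = len(node.args) >= 3 or any(k.arg == "mode" for k in node.keywords)
        uses_creat = len(node.args) >= 2 and any(
            isinstance(n, ast.Attribute) and n.attr == "O_CREAT"
            for n in ast.walk(node.args[1]))
        if uses_creat and not has_mode:
            hits.append(node.lineno)
    return sorted(hits)

# Constructed sample source: only the call on line 2 creates a file without a mode.
SAMPLE = '''import os
fd = os.open(path, os.O_WRONLY | os.O_CREAT)
fd = os.open(path, os.O_WRONLY | os.O_CREAT, 0o640)
fd = os.open(path, os.O_RDONLY)
'''

if __name__ == "__main__":
    print("default mode :", oct(created_mode()))
    print("explicit 0640:", oct(created_mode(0o640)))
    print("modeless O_CREAT at lines:", find_modeless_creates(SAMPLE))
```

The umask still applies to an explicit mode, so 0o640 is an upper bound on the resulting permissions rather than a guarantee.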

