Hi,

A request has come up recently in vagrant-libvirt about changing the
permissions used for the VM volume image file.

Currently there is a backing image file uploaded that gets 744 as the file
permissions, and then the VM domain is created using this as the backing
file for any changes. The file containing the changes for the VM gets 600,
so accessing what is contained is limited to libvirt and thus to those that
can connect to libvirt.

The request is to change this to be 744, it appears to have been triggered
due to a desire to try and use virt-v2v to create a portable XML and export
the disks.

However I'm a little hesitant as in general I would default to more secure
rather than less secure to avoid creating security concerns down the line.
Even though vagrant-libvirt is typically used for development, it wouldn't
surprise me to see it being used on CI build infrastructure and given the
shared nature of that, making things less secure may cause issues for some
users. Of course working out who would be impacted is virtually impossible
without making the change and seeing who is concerned. And that might be
several months down the line before it's raised.

Rather than just merging this, wondering if there are any security
guidelines on the file permissions for VM image files? That or something
that can outline the risks, or even clarify that it's unnecessary to worry
about?

--
Darragh Bailey
"Nothing is foolproof to a sufficiently talented fool"

Reply via email to