On 06/04/2011 03:08 PM, Andi Kleen wrote:
Michael Roth <mdr...@linux.vnet.ibm.com> writes:
+
+int64_t qmp_guest_file_open(const char *filename, const char *mode, Error 
**err)
+{
+    FILE *fh;
+    int fd, ret;
+    int64_t id = -1;
+
+    if (!logging_enabled()) {
+        error_set(err, QERR_QGA_LOGGING_FAILED);
+        goto out;
+    }
+    slog("guest-file-open called, filename: %s, mode: %s", filename, mode);
+    fh = fopen(filename, mode);
+    if (!fh) {
+        error_set(err, QERR_OPEN_FILE_FAILED, filename);
+        goto out;
+    }
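Review bot: at "fh = fopen(filename, mode);" both arguments go from the function parameters straight into fopen() with no check in between, so whatever path and mode string the request carries is used as-is. Consider validating mode against the set of modes the agent intends to support before the call, and stating in a comment on qmp_guest_file_open() that the path is not restricted. The slog() call just above writes filename and mode verbatim through %s; escaping control characters there would keep the log at one entry per call.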

Does this really allow a guest to open any host file ?!?

It does the opposite. The host can open files in the guest. Since the host can see the disk image of the guest anyway, it already could do this, albeit in a more convoluted way.

Regards,

Anthony Liguori

Have you considered all the security implications of that?

-Andi


