Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-11-18 Thread Daniel P. Berrange
On Wed, Nov 18, 2015 at 07:35:39AM +0100, Martin Kletzander wrote: > On Tue, Nov 17, 2015 at 10:02:36PM +0100, Richard Weinberger wrote: > >On Wed, Jun 24, 2015 at 11:19 AM, Martin Kletzander > >wrote: > >>On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: >

Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-11-18 Thread Daniel P. Berrange
On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: > The LXC driver uses virSetUIDGID() to become UID/GID 0. > It passes an empty groups list to virSetUIDGID() > to get rid of all supplementary groups from the host side. > But virSetUIDGID() calls setgroups() only if the supplied

Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-11-18 Thread Daniel P. Berrange
On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: > The LXC driver uses virSetUIDGID() to become UID/GID 0. > It passes an empty groups list to virSetUIDGID() > to get rid of all supplementary groups from the host side. > But virSetUIDGID() calls setgroups() only if the supplied

Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-11-17 Thread Richard Weinberger
On Wed, Jun 24, 2015 at 11:19 AM, Martin Kletzander wrote: > On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: >> >> The LXC driver uses virSetUIDGID() to become UID/GID 0. >> It passes an empty groups list to virSetUIDGID() >> to get rid of all

Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-11-17 Thread Martin Kletzander
On Tue, Nov 17, 2015 at 10:02:36PM +0100, Richard Weinberger wrote: On Wed, Jun 24, 2015 at 11:19 AM, Martin Kletzander wrote: On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: The LXC driver uses virSetUIDGID() to become UID/GID 0. It passes an empty

Re: [libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-06-24 Thread Martin Kletzander
On Tue, Jun 23, 2015 at 01:48:42PM +0200, Richard Weinberger wrote: The LXC driver uses virSetUIDGID() to become UID/GID 0. It passes an empty groups list to virSetUIDGID() to get rid of all supplementary groups from the host side. But virSetUIDGID() calls setgroups() only if the supplied list

[libvirt] [PATCH] [RFC] virSetUIDGID: Don't leak supplementary groups

2015-06-23 Thread Richard Weinberger
The LXC driver uses virSetUIDGID() to become UID/GID 0. It passes an empty groups list to virSetUIDGID() to get rid of all supplementary groups from the host side. But virSetUIDGID() calls setgroups() only if the supplied list is larger than 0. This leads to a container root with unrelated