Well, yes. If I register a new image with the path
/datastores/0//deployment.0 I could get your vnc password, for
example. Or if I point it to the context cdrom image, I could get some
variables that may contain important information. And, of course, I could
copy one of your images or running VM di
Hi,
By using /datastores instead of /var/lib/one/datastores, have I
opened a security hole?
On 11/09/2013 12:51, Carlos Martín Sánchez wrote:
Hi,
On Wed, Sep 11, 2013 at 1:06 PM, Gerry O'Brien wrote:
Hi Carlos,
I appreciate the security issues. I'm just wondering why
/var/lib/o
Hi,
On Wed, Sep 11, 2013 at 1:06 PM, Gerry O'Brien wrote:
> Hi Carlos,
>
> I appreciate the security issues. I'm just wondering why
> /var/lib/one/datastores is not a safe directory by default given it is the
> default location for datastores?
>
Oneadmin's home /var/lib/one is restricted by
Hi Carlos,
I appreciate the security issues. I'm just wondering why
/var/lib/one/datastores is not a safe directory by default given it is
the default location for datastores?
Regards,
Gerry
On 11/09/2013 11:51, Carlos Martín Sánchez wrote:
Hi,
Tue Sep 10 14:32:48 2013 [Im
Hi,
Tue Sep 10 14:32:48 2013 [ImM][E]: cp: Not allowed to copy images from
> /var/lib/one/ /etc/one/ /var/lib/one/
The dir /var/lib/one is a restricted dir, and OpenNebula won't allow you to
copy images from there. Otherwise, you could copy the DB or other
authentication files. That's why it wor
Hi,
This seems to be a general issue not specific to QCOW2. For the
moment I've solved the issue by mounting the datastores (which are NFS
exports for a filestore) on the root partition at /datastores and
created a symlink form /var/lib/one/datatstore to /datastores.
Is this correct
Hi,
I get the following error when trying to create an image from a
QCOW2 file:"Error copying image in the datastore: Not allowed to
copy image file /var/lib/one/datastores/1/DELETEME.qcow2"
Below are the commands I use to create the QCOW2 file before trying
to create the image nam
