Nir Soffer has posted comments on this change. Change subject: storage: validate vdsm rwx permissions for file storage ......................................................................
Patch Set 2: (1 comment) https://gerrit.ovirt.org/#/c/44442/2/vdsm/storage/fileSD.py File vdsm/storage/fileSD.py: Line 68: getProcPool().fileUtils.validateAccess(dirPath) Line 69: supervdsm.getProxy().validateAccess( Line 70: constants.VDSM_USER, Line 71: (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, Line 72: (os.R_OK | os.W_OK | os.X_OK)) Are you sure about the second parameter (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP) ? shouldn't we use (constants.VDSM_GROUP,)? Line 73: supervdsm.getProxy().validateAccess( Line 74: constants.QEMU_PROCESS_USER, Line 75: (constants.DISKIMAGE_GROUP, constants.METADATA_GROUP), dirPath, Line 76: (os.R_OK | os.X_OK)) -- To view, visit https://gerrit.ovirt.org/44442 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I8276c36042bef57c80c8920041b1f3446cdfc372 Gerrit-PatchSet: 2 Gerrit-Project: vdsm Gerrit-Branch: master Gerrit-Owner: Greg Padgett <[email protected]> Gerrit-Reviewer: Adam Litke <[email protected]> Gerrit-Reviewer: Ala Hino <[email protected]> Gerrit-Reviewer: Freddy Rolland <[email protected]> Gerrit-Reviewer: Greg Padgett <[email protected]> Gerrit-Reviewer: Jenkins CI Gerrit-Reviewer: Nir Soffer <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-HasComments: Yes _______________________________________________ vdsm-patches mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/vdsm-patches
