summaryrefslogtreecommitdiffstats
path: root/libvirt-override-virStoragePool.py
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2013-10-10 13:09:08 +0100
committerDaniel P. Berrange <berrange@redhat.com>2013-10-21 14:19:05 +0100
commit5b2cf134fa292637b53bf89c28f2e88e8ecfdf16 (patch)
tree6a497321c4ab301539b1e9c888d187f7d92780e8 /libvirt-override-virStoragePool.py
parentbc116872291690bc18e475d51a65748122ddec44 (diff)
downloadlibvirt-python-v6-5b2cf134fa292637b53bf89c28f2e88e8ecfdf16.tar.gz
libvirt-python-v6-5b2cf134fa292637b53bf89c28f2e88e8ecfdf16.tar.xz
libvirt-python-v6-5b2cf134fa292637b53bf89c28f2e88e8ecfdf16.zip
Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
The libvirt.so library has far too many library deps to allow linking against it from setuid programs. Those libraries can do stuff in __attribute__((constructor) functions which is not setuid safe. The virt-login-shell needs to link directly against individual files that it uses, with all library deps turned off except for libxml2 and libselinux. Create a libvirt-setuid-rpc-client.la library which is linked to by virt-login-shell. A config-post.h file allows this library to disable all external deps except libselinux and libxml2. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> (cherry picked from commit 3e2f27e13b94f7302ad948bcacb5e02c859a25fc)
Diffstat (limited to 'libvirt-override-virStoragePool.py')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2026-01-06 02:31:05 +0000