openstack team mailing list archive

Thread
Date

Re: [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)

To: Michael Still <michael.still@xxxxxxxxxxxxx>
From: Eric Windisch <eric@xxxxxxxxxxxxxxxx>
Date: Tue, 7 Aug 2012 20:56:44 -0400
Cc: Thierry Carrez <thierry@xxxxxxxxxxxxx>, "openstack@xxxxxxxxxxxxxxxxxxx" <openstack@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <5021AC22.2050104@canonical.com>

> 
> - if the user specifies an image from glance for the injection to occur
> to. This is almost certainly functionality that you're not going to like
> for the reasons stated above. Its there because v1 did it, and I'm
> willing to remove it if there is a consensus that's the right thing to
> do. However, file IO on this image mount is done as the nova user, not
> root, so that's a tiny bit safer (I hope).
> 

This might be kind-of okay if it uses libguestfs, but I'd need to look more closely at libguestfs before considering it safe. If it is only updating vfat, another option is mtools which is entirely userspace and can be run with some safety on the host. 

Regards,
Eric Windisch

Follow ups

Re: [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
From: Eric Windisch, 2012-08-08

References

[OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
From: Thierry Carrez, 2012-08-07
Re: [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
From: Eric Windisch, 2012-08-07
Re: [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
From: Michael Still, 2012-08-08