Dan Kenigsberg has posted comments on this change.
Change subject: vm payload: add file injection to vm
......................................................................
Patch Set 18: I would prefer that you didn't submit this
(2 inline comments)
It seems that you still let vdsm remove any root-owned file in the system. That's not
nice.
....................................................
File vdsm/mkimage.py
Line 104: def removeFs(path):
repeat: this is not safe enough. with this function, any buggy vdsm function can end up
removing any system file.
Please check here that 'path' starts with the basedir of media image.
/var/run/vdsm/images/vmid - not a random one.
....................................................
File vdsm/supervdsmServer.py
Line 216: mkimage.mkFloppyFs(vmId, files)
return forgotten
--
To view, visit
http://gerrit.ovirt.org/2321
To unsubscribe, visit
http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I256475342c79690a95ad999335522f99714cdc8b
Gerrit-PatchSet: 18
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Shahar Havivi <shavivi(a)redhat.com>
Gerrit-Reviewer: Dan Kenigsberg <danken(a)redhat.com>
Gerrit-Reviewer: Ewoud Kohl van Wijngaarden <ewoud(a)kohlvanwijngaarden.nl>
Gerrit-Reviewer: Igor Lvovsky <ilvovsky(a)redhat.com>
Gerrit-Reviewer: Shahar Havivi <shavivi(a)redhat.com>