[fedora-virt] libguestfs best practices: Exposing files from the host for the duration of a session
Daniel P. Berrange
berrange at redhat.com
Fri May 29 11:20:31 UTC 2009
On Fri, May 29, 2009 at 12:10:05PM +0100, Richard W.M. Jones wrote:
> On Fri, May 29, 2009 at 03:13:10AM -0700, Ask Bjørn Hansen wrote:
> > On May 29, 2009, at 2:44, Richard W.M. Jones wrote:
> >> If we put an FTP server inside the appliance, things are better. FTP
> >> clients are widely available, either standalone or as libraries for
> >> many programming languages. They just need to be able to make a TCP
> >> connection, so there is no requirement for special privileges. On the
> >> server side (inside the appliance) the FTP server is running as "root"
> >> so it can make arbitrary changes to the filesystem.
> >
> > Please make FTP die already! :-)
> >
> > How about HTTP (WebDAV) or - better - just use the ssh file transfer
> > protocol?
>
> ssh isn't too widely supported (from programming language libraries).
> Does libssh2 even support scp?
>
> WebDAV is possible, but it comes down to how much crap it will depend
> upon, all of which needs to go into the appliance.
>
> FTP is widely supported and well understood, and the servers are old,
> small, self-contained code. I really think it's better for this, and
> not just because I once wrote an FTP server ...
I tend to agree with this - ssh is overkill here - the host <->guest
channel is already secure by virtue of using vmchannel, so using ssh
is not really required. FTP is a really easy to implement, low overhead
protocol that'd fit nicely here. I can't really think of what WebDAV
would do for this use case that FTP can't do in a simpler manner.
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the virt
mailing list