From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([140.186.70.92]:58482) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QupMs-0001rS-Lc for qemu-devel@nongnu.org; Sat, 20 Aug 2011 13:29:59 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QupMr-0004LD-Mg for qemu-devel@nongnu.org; Sat, 20 Aug 2011 13:29:58 -0400 Received: from smtp5-g21.free.fr ([212.27.42.5]:52267) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QupMq-0004Kf-U4 for qemu-devel@nongnu.org; Sat, 20 Aug 2011 13:29:57 -0400 Date: Sat, 20 Aug 2011 19:29:47 +0200 From: Yann Dirson Message-ID: <20110820172947.GD30636@home.lan> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1312613652-19977-1-git-send-email-j.schauer@email.de> Subject: Re: [Qemu-devel] [PATCH] introduce environment variables for all qemu-user options List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Johannes Schauer Cc: Peter Maydell , Riku Voipio , qemu-devel@nongnu.org, Vagrant Cascadian , 632192@bugs.debian.org This patch will be useful, but there is a security problem in its current form. The qemu-user-static package installs binfmt-misc entries with "flags: OC", which makes the binary honor setuid bits. Regardless of whether it is a good idea or not, the envvars ought to be ignored in such a case. Some clever checks using getresuid(), or just geteuid() and getuid() when getresuid() is not available, surely have to done. There is probably some existing code for this in other programs... Best regards, -- Yann