On Fri, Mar 15, 2013 at 10:40:12AM +0100, Yves-Alexis Perez wrote: > On sam., 2013-03-09 at 19:54 +0100, Guido Günther wrote: > > Hi, > > sorry for the delay but attached is the diff for the stable update. This > > addrsses #701649 (CVE-2013-1766) as well as #699224 (kind of > > CVE-2013-0170). Is this enough for the security team to issue the DSA? > > Let me know if I can help further. > > Cheers, > > -- Guido > > Ok, I have two more questions: > > - what is http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649#43 > really about? Does libvirt changes permissions on files added to the > storage pool or something?
When using qemu:///system (that is running qemu via the system libvirtd instead of the user's session libvirtd) and dynamic_ownership = 1 (the default) libvirtd changes permissions of devices and files it needs to open to libvirt-qemu:libvirt-qemu since it runs the qemu/kvm process itself with these privileges. Before the change this used to be libvirt-qemu:kvm. > - in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649#48 waldi > seems to prefer the disks group, but I don't think any other comment > replying to that. Could you elaborate about this? This is just not how dynamic ownership works. It consistently uses the above for all devices accessed by the qemu process. Cheers, -- Guido > > Regards, > -- > Yves-Alexis -- To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
