Comment 60 for bug 2059809
Revision history for this message
| Brian Rosmaita (brian-rosmaita) wrote Re: Arbitrary file access through QCOW2 external data file | #60 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
@Dan:
"If it is true, then I don't see that the nova (or glance, as Brian said) stuff needs to change as we'd reject a qcow with data-file set before we do anything else. Brian, you're saying Cinder needs work purely because of a similar VHD-based approach, nothing to do with qcow right?"
IIUC, the child files don't show up in either the backing_file or data_file fields, rather, we need to pick them up out of this embedded QMP block devices definition thingy. So conceptually it's the same workflow, but yet another thing to look for. So I don't think the current patches protect against the exploit outlined in comments #44 and #50. But maybe your point is that the current patches are good for the external data_file exploit, and this block device thing needs to be a separate CVE?