On Tue, Nov 19, 2019 at 04:20:19PM -0000, Rafael David Tinoco wrote:
> ...shall be enough to replace LIBVIRT_DNSMASQ_STATUS_FILE in order for
> libvirt_dnsmasq_status_file_mac_to_ip() to read the correct status
> file.
+1 on that approach. Even though uvtool doesn't typically run
privileged, perhaps it would be wise to sanitize the bridge name anyway
before looking for the file on the filesystem just to be safe. Perhaps
limit it to [A-Za-z0-9]? Or \w, in case users have unicode bridge names
(!)?
On Tue, Nov 19, 2019 at 04:20:19PM -0000, Rafael David Tinoco wrote: DNSMASQ_ STATUS_ FILE in order for dnsmasq_ status_ file_mac_ to_ip() to read the correct status
> ...shall be enough to replace LIBVIRT_
> libvirt_
> file.
+1 on that approach. Even though uvtool doesn't typically run
privileged, perhaps it would be wise to sanitize the bridge name anyway
before looking for the file on the filesystem just to be safe. Perhaps
limit it to [A-Za-z0-9]? Or \w, in case users have unicode bridge names
(!)?