Go to file
Laszlo Ersek c689b4f1ba qga: set umask 0077 when daemonizing (CVE-2013-2007)
The qemu guest agent creates a bunch of files with insecure permissions
when started in daemon mode. For example:

  -rw-rw-rw- 1 root root /var/log/qemu-ga.log
  -rw-rw-rw- 1 root root /var/run/qga.state
  -rw-rw-rw- 1 root root /var/log/qga-fsfreeze-hook.log

In addition, at least all files created with the "guest-file-open" QMP
command, and all files created with shell output redirection (or
otherwise) by utilities invoked by the fsfreeze hook script are affected.

For now mask all file mode bits for "group" and "others" in
become_daemon().

Temporarily, for compatibility reasons, stick with the 0666 file-mode in
case of files newly created by the "guest-file-open" QMP call. Do so
without changing the umask temporarily.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2013-05-07 06:46:26 -05:00
audio audio: Replace non-portable asprintf in debug code by g_strdup_printf 2013-01-16 12:03:26 -06:00
backends rng random backend: check for -EAGAIN errors on read 2013-04-16 16:10:21 -05:00
block vmdk: add bdrv_co_write_zeroes 2013-05-03 10:33:49 +02:00
bsd-user target-i386: Replace cpuid_*features fields with a feature word array 2013-05-02 00:27:55 +02:00
default-configs audio: Enable all cards 2013-05-03 12:04:49 -05:00
disas tcg-arm: Implement division instructions 2013-04-27 02:16:44 +02:00
docs trace: document ftrace backend 2013-05-03 13:58:09 +02:00
dtc@bc895d6d09 dtc: add submodule 2013-04-18 13:50:53 +02:00
fpu fpu: Correct edgecase in float64_muladd 2013-04-15 16:06:15 +02:00
fsdev virtfs-proxy-helper: Fix unchecked strdup() by conv. to g_strdup() 2013-01-30 11:14:46 +01:00
gdb-xml
hw virtio-net: properly check the vhost status during status set 2013-05-07 06:43:09 -05:00
include target-i386: Change CPUID model of 486 to 8 2013-05-06 19:55:18 +02:00
ldscripts build: create ldscripts/ 2012-12-19 08:29:06 +01:00
libcacard libcacard/cac: change big switch functions to single return point 2013-04-24 11:48:06 +03:00
linux-headers linux-headers: Update to kvm/queue 2013-04-26 23:02:40 +02:00
linux-user target-i386: Replace cpuid_*features fields with a feature word array 2013-05-02 00:27:55 +02:00
net tap: properly initialize vhostfds 2013-05-03 13:53:46 +02:00
pc-bios Merge branch 's390-for-upstream' of git://github.com/agraf/qemu 2013-05-06 19:56:27 +02:00
pixman@97336fad32 qapi: move include files to include/qobject/ 2012-12-19 08:31:31 +01:00
po ui/gtk: Add Turkish translations 2013-04-23 10:37:38 -05:00
qapi qapi: Fix unchecked strdup() by converting to g_strdup() 2013-01-30 11:14:46 +01:00
qga qga: set umask 0077 when daemonizing (CVE-2013-2007) 2013-05-07 06:46:26 -05:00
QMP add a new qevent: QEVENT_GUEST_PANICKED 2013-04-30 10:30:01 -05:00
qobject qjson: to_json() case QTYPE_QSTRING is buggy, rewrite 2013-04-13 19:40:25 +00:00
qom cpu: Move cpu_write_elfXX_note() functions to CPUState 2013-05-01 13:04:19 +02:00
roms pseries: Update SLOF firmware image 2013-05-06 17:22:48 +02:00
scripts trace: Add ftrace tracing backend 2013-05-03 13:58:09 +02:00
slirp sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
stubs cpu: Introduce cpu_resume(), for single CPU 2013-05-01 13:04:17 +02:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
target-arm target-arm: Fix incorrect check of kvm_vcpu_ioctl return value 2013-05-03 18:47:22 +01:00
target-cris target-cris: Override do_interrupt for pre-v32 CPU cores 2013-04-16 02:45:11 +02:00
target-i386 target-i386: n270 can MOVBE 2013-05-06 22:27:49 +02:00
target-lm32 hw: move headers to include/ 2013-04-08 18:13:10 +02:00
target-m68k cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
target-microblaze microblaze: Add internal base vectors reg 2013-04-26 11:28:50 +02:00
target-mips target-mips: fix calculation of overflow for SHLL.PH and SHLL.QB 2013-05-03 11:50:49 +02:00
target-moxie target-moxie: Fix VMState registration 2013-04-12 14:30:39 +02:00
target-openrisc cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
target-ppc target-ppc: Add read and write of PPR SPR 2013-05-06 17:22:48 +02:00
target-s390x Trivial grammar and spelling fixes 2013-05-01 20:55:21 +04:00
target-sh4 hw: move headers to include/ 2013-04-08 18:13:10 +02:00
target-sparc cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
target-unicore32 cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
target-xtensa cpu: Replace do_interrupt() by CPUClass::do_interrupt method 2013-03-12 10:35:55 +01:00
tcg tcg-arm: Use movi32 in exit_tb 2013-05-03 11:53:30 +02:00
tests libqos: Relocate I2C files 2013-05-03 12:03:14 -05:00
trace trace: Add ftrace tracing backend 2013-05-03 13:58:09 +02:00
ui TLS support for VNC Websockets 2013-05-03 12:04:57 -05:00
util qemu: add castagnoli crc32c checksum algorithm 2013-05-03 10:31:58 +02:00
.exrc qemu: add .exrc 2012-09-07 09:02:44 +03:00
.gitignore S390: ccw firmware: Add Makefile 2013-04-26 20:18:24 +02:00
.gitmodules dtc: add submodule 2013-04-18 13:50:53 +02:00
.mailmap Add a .mailmap to map pre-git-conversion authors to friendly names 2011-12-12 17:06:21 -06:00
aio-posix.c aio: support G_IO_HUP and G_IO_ERR 2013-02-21 16:17:31 -06:00
aio-win32.c aio: Fix return value of aio_poll() 2013-01-17 10:51:42 +01:00
arch_init.c audio: look for the ISA and PCI buses 2013-04-29 12:16:57 -05:00
async.c aio: add a ThreadPool instance to AioContext 2013-03-15 16:07:50 +01:00
balloon.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
block-migration.c migration: run setup callbacks out of big lock 2013-03-11 13:32:01 +01:00
block.c block: Fix build with tracing enabled 2013-04-22 11:31:41 -05:00
blockdev-nbd.c hw: move headers to include/ 2013-04-08 18:13:10 +02:00
blockdev.c blockdev: Replace "undefined error" in qmp_block_resize 2013-05-03 10:31:58 +02:00
blockjob.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
bt-host.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
bt-vhci.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
Changelog fix some common typos 2012-05-14 07:27:24 +02:00
cmd.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
cmd.h Delete useless 'extern' qualifiers for functions 2011-01-23 16:21:20 +00:00
CODING_STYLE Replace Qemu by QEMU in internal documentation 2012-04-07 13:58:25 +00:00
configure S390: BIOS create link to src folder for .img file 2013-05-06 17:30:00 +02:00
COPYING
COPYING.LIB
coroutine-gthread.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
coroutine-sigaltstack.c Merge remote-tracking branch 'kwolf/for-anthony' into staging 2013-02-26 07:44:39 -06:00
coroutine-ucontext.c Fix warnings suppressors to honor --disable-werror 2013-04-17 10:28:04 -05:00
coroutine-win32.c block: move include files to include/block/ 2012-12-19 08:31:31 +01:00
cpu-exec.c Merge branch 'mingw' of git://qemu.weilnetz.de/qemu 2013-04-13 14:31:54 +02:00
cpus.c cpus: Fix pausing TCG CPUs while in vCPU thread 2013-05-02 12:15:38 +02:00
cputlb.c cpu: Move current_tb field to CPUState 2013-02-16 14:51:00 +01:00
device_tree.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
device-hotplug.c hw: move device-hotplug.o to toplevel, compile it once 2013-03-01 13:57:13 +01:00
disas.c disas: Disassemble all ppc insns for the guest 2013-04-26 23:02:42 +02:00
dma-helpers.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
dump-stub.c cpu: Move cpu_write_elfXX_note() functions to CPUState 2013-05-01 13:04:19 +02:00
dump.c cpu: Move cpu_write_elfXX_note() functions to CPUState 2013-05-01 13:04:19 +02:00
exec.c cpu: Add qemu_for_each_cpu() 2013-05-01 13:04:18 +02:00
gdbstub.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
HACKING HACKING: List areas where we may rely on impdef C behaviour 2012-12-08 14:27:40 +00:00
hmp-commands.hx audio: remove HAS_AUDIO 2013-04-29 12:16:36 -05:00
hmp.c Merge remote-tracking branch 'bonzini/hw-dirs' into staging 2013-04-15 17:06:04 -05:00
hmp.h Revert "New QMP command query-cpu-max and HMP command cpu_max" 2013-04-12 09:41:54 -04:00
iohandler.c iohandler: switch to GPollFD 2013-02-21 16:17:31 -06:00
ioport.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
kvm-all.c kvm-all: add kvm_run_exit tracepoint 2013-05-03 13:58:09 +02:00
kvm-stub.c cpu: Call cpu_synchronize_post_init() from DeviceClass::realize() 2013-05-01 13:04:17 +02:00
LICENSE LICENSE: There is no libqemu.a anymore 2011-12-09 11:25:22 +00:00
main-loop.c main-loop: drop the BQL if the I/O appears to be spinning 2013-04-05 12:53:33 -05:00
MAINTAINERS target-i386: Introduce ICC bus/device/bridge 2013-05-01 13:06:06 +02:00
Makefile win32: fix compilation again 2013-05-03 12:04:40 -05:00
Makefile.objs target-i386: Add "feature-words" property to X86CPU 2013-05-06 19:16:05 +02:00
Makefile.target cpu: Make kvm-stub.o available outside softmmu 2013-05-01 13:04:17 +02:00
memory_mapping-stub.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
memory_mapping.c exec: change RAM list to a TAILQ 2012-12-20 23:08:47 +01:00
memory.c memory: fix a bug of detection of memory region collision 2013-03-22 13:21:28 +01:00
migration-exec.c migration: eliminate s->migration_file 2013-03-11 13:32:03 +01:00
migration-fd.c migration: eliminate s->migration_file 2013-03-11 13:32:03 +01:00
migration-tcp.c migration: eliminate s->migration_file 2013-03-11 13:32:03 +01:00
migration-unix.c migration: eliminate s->migration_file 2013-03-11 13:32:03 +01:00
migration.c migration: reflect incoming failure to shell 2013-04-17 10:24:24 -05:00
monitor.c add a new qevent: QEVENT_GUEST_PANICKED 2013-04-30 10:30:01 -05:00
nbd.c nbd: support large NBD requests 2013-05-03 13:05:49 +02:00
os-posix.c Add option to mlock qemu and guest memory 2013-04-22 08:52:23 -05:00
os-win32.c qemu-timer: move timeBeginPeriod/timeEndPeriod to os-win32 2013-04-12 18:27:16 +02:00
page_cache.c page_cache: dup memory on insert 2013-03-11 13:32:03 +01:00
qapi-schema-test.json qapi: add struct-errors test case to test-qmp-output-visitor 2012-03-27 09:11:00 -03:00
qapi-schema.json target-i386: Add "feature-words" property to X86CPU 2013-05-06 19:16:05 +02:00
qdev-monitor.c qdev: Let qdev_prop_parse() pass through Error 2013-05-06 19:40:44 +02:00
qdict-test-data.txt
qemu-bridge-helper.c qemu-bridge-helper: force usage of a very high MAC address for the bridge 2013-03-28 12:58:52 -05:00
qemu-char.c qemu-char: Set foo_tag = 0 when returning FALSE from callbacks 2013-04-25 14:45:47 -05:00
qemu-coroutine-io.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-coroutine-lock.c coroutine: use AioContext for CoQueue BH 2013-03-15 16:07:51 +01:00
qemu-coroutine-sleep.c misc: move include files to include/qemu/ 2012-12-19 08:32:39 +01:00
qemu-coroutine.c coroutine: move pooling to common code 2013-02-22 21:21:10 +01:00
qemu-doc.texi qemu-doc: Option -ignore-environment removed. 2013-04-26 12:44:15 +02:00
qemu-img-cmds.hx qemu-img: Add compare subcommand 2013-02-22 21:21:10 +01:00
qemu-img.c qemu-img: do not zero-pad the compressed write buffer 2013-04-22 10:27:58 +02:00
qemu-img.texi qemu-img: Add compare subcommand 2013-02-22 21:21:10 +01:00
qemu-io.c block: Add options QDict to bdrv_file_open() prototypes 2013-03-22 17:51:31 +01:00
qemu-log.c qemu-log: default to stderr for logging output 2013-02-26 13:31:47 -06:00
qemu-nbd.c Add -f FMT / --format FMT arg to qemu-nbd 2013-04-15 14:29:20 -05:00
qemu-nbd.texi Add -f FMT / --format FMT arg to qemu-nbd 2013-04-15 14:29:20 -05:00
qemu-options-wrapper.h vl.c: In qemu -h output, only print options for the arch we are running as 2011-12-19 10:27:33 -06:00
qemu-options.h vl.c: Move option generation logic into a wrapper file 2011-12-19 10:27:33 -06:00
qemu-options.hx TLS support for VNC Websockets 2013-05-03 12:04:57 -05:00
qemu-seccomp.c softmmu: move include files to include/sysemu/ 2012-12-19 08:32:45 +01:00
qemu-tech.texi qemu-tech.texi: update implemented xtensa features list 2012-11-29 13:00:52 -06:00
qemu-timer.c qemu-timer: move timeBeginPeriod/timeEndPeriod to os-win32 2013-04-12 18:27:16 +02:00
qemu.sasl
qmp-commands.hx Merge remote-tracking branch 'afaerber/qom-cpu' into staging 2013-05-02 10:57:01 -05:00
qmp.c QMP: Add cpu-add command 2013-05-01 13:06:07 +02:00
qtest.c qtest: Handle addresses and values for {in, out}[bwl] as unsigned 2013-04-22 09:11:50 -05:00
readline.c readline: Fix unchecked strdup() by converting to g_strdup() 2013-01-30 11:14:46 +01:00
README Update README 2011-12-11 17:50:43 -06:00
rules.mak win32: fix compilation again 2013-05-03 12:04:40 -05:00
savevm.c qemu-file: do not use stdio for qemu_fdopen 2013-04-17 11:44:22 +02:00
spice-qemu-char.c spice-qemu-char: vmc_write: Don't write more bytes then we're asked too 2013-04-16 11:52:09 +02:00
tcg-runtime.c tcg: Implement multiword multiply helpers 2013-02-23 17:25:28 +00:00
tci.c tci: Make tcg temporaries local to tcg_qemu_tb_exec 2013-04-11 19:58:21 +02:00
thread-pool.c threadpool: drop global thread pool 2013-03-15 16:07:51 +01:00
thunk.c exec: move include files to include/exec/ 2012-12-19 08:31:31 +01:00
tpm.c Move TPM passthrough specific command line options to backend structure 2013-04-23 10:40:40 -05:00
trace-events kvm-all: add kvm_run_exit tracepoint 2013-05-03 13:58:09 +02:00
translate-all.c PPC: Fix compile with profiling enabled 2013-04-26 23:02:41 +02:00
translate-all.h cputlb: Pass CPUState to cpu_unlink_tb() 2013-02-16 14:51:00 +01:00
user-exec.c Replace all setjmp()/longjmp() with sigsetjmp()/siglongjmp() 2013-02-23 16:11:19 +00:00
VERSION Open up 1.5 development tree 2013-02-15 17:40:56 -06:00
version.rc
vl.c Drop redundant resume_all_vcpus() from main() 2013-05-02 13:44:19 +02:00
xbzrle.c Move XBZRLE encoding code to a separate file to allow testing 2013-02-01 08:32:20 +01:00
xen-all.c sysemu: avoid proliferation of include/ subdirectories 2013-04-15 18:19:25 +02:00
xen-mapcache.c hw: move headers to include/ 2013-04-08 18:13:10 +02:00
xen-stub.c hw: move headers to include/ 2013-04-08 18:13:10 +02:00

Read the documentation in qemu-doc.html or on http://wiki.qemu.org

- QEMU team