Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Debian: 2194-1: libvirt: insufficient checks

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Debian: 2194-1: libvirt: insufficient checks
# 1  
Old 03-18-2011
Debian: 2194-1: libvirt: insufficient checks
LinuxSecurity.com: It was discovered that libvirt, a library for interfacing with different virtualization systems, did not properly check for read-only connections. This allowed a local attacker to perform a denial of service (crash) or possibly escalate privileges. [More...]

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Cybersecurity

Experience with libvirt netfilter API

Hi all, I would like to get some ideas and opinions on matter of libvirt netfilter application in KVM environment. I am looking for some easy way to control it with an API and possible experience with that and its performance in real life application. Thanks for all ideas (0 Replies)
Discussion started by: smoofy
0 Replies
Login or Register to Ask a Question

LEARN ABOUT CENTOS

virt-login-shell

VIRT-LOGIN-SHELL(1)					      Virtualization Support					       VIRT-LOGIN-SHELL(1)

NAME

       virt-login-shell - tool to execute a shell within a container matching the users name

SYNOPSIS

       virt-login-shell

DESCRIPTION

       The virt-login-shell program is a setuid shell that is used to join an LXC container that matches the user's name.  If the container is not
       running, virt-login-shell will attempt to start the container.  virt-sandbox-shell is not allowed to be run by root.  Normal users will get
       added to a container that matches their username, if it exists, and they are configured in /etc/libvirt/virt-login-shell.conf.

       The basic structure of most virt-login-shell usage is:

	 virt-login-shell

OPTIONS

       -h, --help
	   Display command line help usage then exit.

       -V, --version
	   Display version information then exit.

CONFIG

       By default, virt-login-shell will execute the /bin/sh program for the user.  You can modify this behaviour by defining the shell variable
       in /etc/libvirt/virt-login-shell.conf.

       eg.  shell = [ "/bin/ksh", "--login"]

       By default no users are allowed to use virt-login-shell, if you want to allow certain users to use virt-login-shell, you need to modify the
       allowed_users variable in /etc/libvirt/virt-login-shell.conf.

       eg. allowed_users = [ "tom", "dick", "harry" ]

BUGS

       Report any bugs discovered to the libvirt community via the mailing list "http://libvirt.org/contact.html" or bug tracker
       "http://libvirt.org/bugs.html".	Alternatively report bugs to your software distributor / vendor.

AUTHORS

	 Please refer to the AUTHORS file distributed with libvirt.

	 Daniel Walsh <dwalsh at redhat dot com>

COPYRIGHT

       Copyright (C) 2013 Red Hat, Inc., and the authors listed in the libvirt AUTHORS file.

LICENSE

       virt-login-shell is distributed under the terms of the GNU LGPL v2+.  This is free software; see the source for copying conditions. There
       is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE

SEE ALSO

       virsh(1), <http://www.libvirt.org/>

libvirt-1.1.1							    2014-06-17						       VIRT-LOGIN-SHELL(1)