1
0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-12-27 07:22:07 +03:00
libvirt/examples
Daniel P. Berrange 3e2f27e13b Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2013-10-21 14:03:52 +01:00
..
apparmor maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
domain-events Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
dominfo maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
domsuspend Convert 'int i' to 'size_t i' in examples/ files 2013-07-10 17:55:17 +01:00
hellolibvirt Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
openauth Don't link virt-login-shell against libvirt.so (CVE-2013-4400) 2013-10-21 14:03:52 +01:00
python build: fix typo that broke 'make dist' 2013-09-03 16:38:29 -06:00
systemtap maint: use LGPL correctly 2013-05-20 14:03:48 -06:00
xml build: only install nwfilter examples when building nwfilter 2013-09-04 13:48:27 -06:00