From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33076) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aq2BF-0007D9-6q for qemu-devel@nongnu.org; Tue, 12 Apr 2016 13:32:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aq2BE-0002K9-7h for qemu-devel@nongnu.org; Tue, 12 Apr 2016 13:32:49 -0400 References: <1460472980-26319-1-git-send-email-silbe@linux.vnet.ibm.com> From: Max Reitz Message-ID: <570D3138.3090906@redhat.com> Date: Tue, 12 Apr 2016 19:32:40 +0200 MIME-Version: 1.0 In-Reply-To: <1460472980-26319-1-git-send-email-silbe@linux.vnet.ibm.com> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="atJRnCe6WOIX8UrS4wMB3N3VhJ7BTPNM0" Subject: Re: [Qemu-devel] [PATCH for-2.6 0/4] qemu-iotests: don't use /tmp List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Sascha Silbe , qemu-devel@nongnu.org, qemu-block@nongnu.org, Kevin Wolf Cc: Tu Bo This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --atJRnCe6WOIX8UrS4wMB3N3VhJ7BTPNM0 Content-Type: multipart/mixed; boundary="uqGDbfpT14RlP9MtIVDUhh1AEa62lsxI5" From: Max Reitz To: Sascha Silbe , qemu-devel@nongnu.org, qemu-block@nongnu.org, Kevin Wolf Cc: Tu Bo Message-ID: <570D3138.3090906@redhat.com> Subject: Re: [PATCH for-2.6 0/4] qemu-iotests: don't use /tmp References: <1460472980-26319-1-git-send-email-silbe@linux.vnet.ibm.com> In-Reply-To: <1460472980-26319-1-git-send-email-silbe@linux.vnet.ibm.com> --uqGDbfpT14RlP9MtIVDUhh1AEa62lsxI5 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable On 12.04.2016 16:56, Sascha Silbe wrote: > During review of my other qemu-iotests fixes, Max Reitz noticed a > couple of additional places where qemu-iotests hardcode /tmp. This is > both a security issue and cumbersome when running multiple instances > of qemu-iotests (e.g. different users on a shared development machine > like tuxmaker). Fix them up. >=20 > Checked (/var)/tmp usage using "sudo chown 000 /tmp /var/tmp". "tac" > and "qemu -snapshot" fail in that case. I'll presume they create the > temporary files in a secure manner. >=20 > There is one place left that may use /var/tmp in theory; will address > that in a separate patch. >=20 > This series mostly removes dead code and addresses a potential > security issue, all of that in the test suite rather than in > production code. It should be applicable even during hard freeze. > =20 >=20 > Sascha Silbe (4): > qemu-iotests: drop unused _within_tolerance() filter > qemu-iotests: common.rc: drop unused _do() > qemu-iotests: tests: do not set unused tmp variable > qemu-iotests: place valgrind log file in scratch dir Thanks Sascha, I applied the series to my block tree: https://github.com/XanClic/qemu/commits/block Max --uqGDbfpT14RlP9MtIVDUhh1AEa62lsxI5-- --atJRnCe6WOIX8UrS4wMB3N3VhJ7BTPNM0 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJXDTE5AAoJEDuxQgLoOKytWT4H/jhj1eiUfUMUzGEXJOHKsT2m vHjIWYykSCChjFzlM6DAAoUUnFYYxE74xftjoIrwkwbqSznCTpqy+fVOHA/fN9Tp CyeS0NE0mK8V6pVtktOLaS4z2FTMQUYprrik1vcR/y2v9Wku1qgbdwrPv0HuqWpO WGRUXZgMRydsfUTwdAU5Xhr+zqwiJshJ2RsLvSqT8oiT+bc8KqDtLGIj+8FKmy75 qORQdi/rA7MVF1uhi0HXQeHjJvMB7o4MGXbrvfHJf7r+fqBc1bOyOsPuFPy0maiR S91xru67VAKXamJaDgOSwjeNLfGkCNDBPlYdcCLbeBgaN61j7BLpXXq75RkpuqU= =DkLL -----END PGP SIGNATURE----- --atJRnCe6WOIX8UrS4wMB3N3VhJ7BTPNM0--