Re: [Qemu-devel] [PATCH] Add HTTP protocol using curl v2

[Anthony Liguori <anthony@codemonkey.ws>]

Daniel P. Berrange wrote:
> On Wed, May 06, 2009 at 03:00:50AM +0200, alex@csgraf.de wrote:
>   
>> From: Alexander Graf <alex@csgraf.de>
>>
>> Currently Qemu can read from posix I/O and NBD. This patch adds a
>> third protocol to the game: HTTP.
>>
>> In certain situations it can be useful to access HTTP data directly,
>> for example if you want to try out an http provided OS image, but
>> don't know if you want to download it yet.
>>
>> Using this patch you can now try it on on the fly. Just use it like:
>>
>> qemu -cdrom http://host/path/my.iso
>>     
>
> I rather think there should be an explicit flag to allow use of http://
> URLs in filenames at runtime, not just 'configure' time. There are many
> apps out there using QEMU which will be assuming QEMU treats all disk
> paths as local files, and thus not got explicit code to check whether 
> a URI is passed. I could well see that some will consider it a security
> issue to allow QEMU to download off the net, but if they updated to
> a new QEMU with this patch, downloading would be allowed by default.
>   

QEMU already supports protocol URLs (like nbd://).  If a management app 
has some reason to restrict what QEMU has access to, they should be 
using SELinux or already scrubbing device names.  I don't understand why 
accessing a URL would be a security issue though.  I expect that 
management apps should be running QEMU as a non-privileged user and that 
from a security perspective, that user is restricted as much as the 
guest would be restricted.

Regards,

Anthony Liguori