From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1M1gj5-0001AP-Vr
	for qemu-devel@nongnu.org; Wed, 06 May 2009 08:59:56 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1M1gj1-00019H-C6
	for qemu-devel@nongnu.org; Wed, 06 May 2009 08:59:55 -0400
Received: from [199.232.76.173] (port=35163 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1M1gj1-00019E-7X
	for qemu-devel@nongnu.org; Wed, 06 May 2009 08:59:51 -0400
Received: from qw-out-1920.google.com ([74.125.92.145]:58782)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1M1gj0-0006Ib-P6
	for qemu-devel@nongnu.org; Wed, 06 May 2009 08:59:50 -0400
Received: by qw-out-1920.google.com with SMTP id 4so54285qwk.4
	for <qemu-devel@nongnu.org>; Wed, 06 May 2009 05:59:50 -0700 (PDT)
Message-ID: <4A0189C2.7020603@codemonkey.ws>
Date: Wed, 06 May 2009 07:59:46 -0500
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH] Add HTTP protocol using curl v2
References: <1241571650-16212-1-git-send-email-alex@csgraf.de>
	<20090506082810.GB23167@redhat.com>
In-Reply-To: <20090506082810.GB23167@redhat.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Daniel P. Berrange" <berrange@redhat.com>
Cc: alex@csgraf.de, nolan@sigbus.net, qemu-devel@nongnu.org

Daniel P. Berrange wrote:
> On Wed, May 06, 2009 at 03:00:50AM +0200, alex@csgraf.de wrote:
>   
>> From: Alexander Graf <alex@csgraf.de>
>>
>> Currently Qemu can read from posix I/O and NBD. This patch adds a
>> third protocol to the game: HTTP.
>>
>> In certain situations it can be useful to access HTTP data directly,
>> for example if you want to try out an http provided OS image, but
>> don't know if you want to download it yet.
>>
>> Using this patch you can now try it on on the fly. Just use it like:
>>
>> qemu -cdrom http://host/path/my.iso
>>     
>
> I rather think there should be an explicit flag to allow use of http://
> URLs in filenames at runtime, not just 'configure' time. There are many
> apps out there using QEMU which will be assuming QEMU treats all disk
> paths as local files, and thus not got explicit code to check whether 
> a URI is passed. I could well see that some will consider it a security
> issue to allow QEMU to download off the net, but if they updated to
> a new QEMU with this patch, downloading would be allowed by default.
>   

QEMU already supports protocol URLs (like nbd://).  If a management app 
has some reason to restrict what QEMU has access to, they should be 
using SELinux or already scrubbing device names.  I don't understand why 
accessing a URL would be a security issue though.  I expect that 
management apps should be running QEMU as a non-privileged user and that 
from a security perspective, that user is restricted as much as the 
guest would be restricted.

Regards,

Anthony Liguori