Message-ID: <4A53D2FD.4040004@codemonkey.ws>
Date: Tue, 07 Jul 2009 17:58:05 -0500
From: Anthony Liguori
Subject: Re: [Qemu-devel] [PATCH 0/5] ATAPI pass through v2
References: <200907011931.53521.alexandre.bique@citrix.com> <20090707200327.GA3902@miranda.arrow>
In-Reply-To: <20090707200327.GA3902@miranda.arrow>
To: Stuart Brady
Cc: qemu-devel@nongnu.org

Stuart Brady wrote:
> On Wed, Jul 01, 2009 at 07:31:53PM +0100, Bique Alexandre wrote:
>
>> I updated my patch according to your previous comments.
>>
>> Changes from my previous version:
>>  - split the big patch in 5 patches.
>>  - not exporting any private structure
>>  - switched to SG_IO and brdv_aio_ioctl()
>>  - not including linux/cdrom.h or linux/bsg.h
>>  - got some stuff like defines and request_sense structure from linux/cdrom.h
>>
>
> Forgive my ignorance, but does ATAPI passthrough have any security
> implications that should be documented?
>
> I expect that running qemu as root counts as a 'bad idea' (I gather
> that commands are filtered when running as a regular user), but even so,
> I wonder if guests should be prevented from performing firmware updates?
>

One should never rely on QEMU to enforce any security policy. That's
the job of the OS. I'm sure something like SELinux can be used to
prevent a root QEMU process from doing a firmware upgrade.

Regards,

Anthony Liguori