From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([140.186.70.92]:49934)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aliguori@us.ibm.com>) id 1RIQ64-0000fV-8w
	for qemu-devel@nongnu.org; Mon, 24 Oct 2011 15:22:09 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <aliguori@us.ibm.com>) id 1RIQ61-0006ww-3W
	for qemu-devel@nongnu.org; Mon, 24 Oct 2011 15:22:08 -0400
Received: from e7.ny.us.ibm.com ([32.97.182.137]:60488)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <aliguori@us.ibm.com>) id 1RIQ61-0006wU-0z
	for qemu-devel@nongnu.org; Mon, 24 Oct 2011 15:22:05 -0400
Received: from /spool/local
	by e7.ny.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only!
	Violators will be prosecuted
	for <qemu-devel@nongnu.org> from <aliguori@us.ibm.com>;
	Mon, 24 Oct 2011 15:21:57 -0400
Received: from d03av05.boulder.ibm.com (d03av05.boulder.ibm.com [9.17.195.85])
	by d01relay04.pok.ibm.com (8.13.8/8.13.8/NCO v10.0) with ESMTP id
	p9OJLRom247604
	for <qemu-devel@nongnu.org>; Mon, 24 Oct 2011 15:21:27 -0400
Received: from d03av05.boulder.ibm.com (loopback [127.0.0.1])
	by d03av05.boulder.ibm.com (8.14.4/8.13.1/NCO v10.0 AVout) with ESMTP
	id p9OJL5aU013575
	for <qemu-devel@nongnu.org>; Mon, 24 Oct 2011 13:21:05 -0600
Message-ID: <4EA5BAA1.9010507@us.ibm.com>
Date: Mon, 24 Oct 2011 14:21:05 -0500
From: Anthony Liguori <aliguori@us.ibm.com>
MIME-Version: 1.0
References: <1319209643-3866-1-git-send-email-coreyb@linux.vnet.ibm.com>	<1319209643-3866-4-git-send-email-coreyb@linux.vnet.ibm.com>	<CAAu8pHt0NGGEv7cpdvdtBc7Hrp2XBjJo79ce1RghVextptdVHA@mail.gmail.com>	<4EA5729C.60509@linux.vnet.ibm.com>	<CAAu8pHu45eWhUK146Qp2f8VNA02kNq7=XqWkx8ynT2Madm2xsA@mail.gmail.com>	<4EA5B0BC.10203@linux.vnet.ibm.com>	<CAAu8pHvkc_FsE-5HODFxqxQjEDDHYATtq9uSLNgdc=VmeS91pg@mail.gmail.com>
	<4EA5B8E5.6040306@linux.vnet.ibm.com>
In-Reply-To: <4EA5B8E5.6040306@linux.vnet.ibm.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH v2 3/4] Add cap reduction support to enable
 use as SUID
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Corey Bryant <coreyb@linux.vnet.ibm.com>
Cc: Blue Swirl <blauwirbel@gmail.com>, rmarwah@linux.vnet.ibm.com, qemu-devel@nongnu.org

On 10/24/2011 02:13 PM, Corey Bryant wrote:
>> Right, it's not desirable, but isn't that the best we can do without
>> libcap or FS capabilities?
>>
>
> I think the best we can do is not let it run in those cases. :) I'd like see if
> others in the community have an opinion on this though.

IMHO, it should work as an setuid binary maintaining root privileges.  As long 
as it's a small binary (which it is) and is easy to audit, it should be safe.

Regards,

Anthony Liguori