[Pkg-libvirt-commits] [SCM] VirtViewer Debian packaging branch, master, updated. debian/0.2.1-1
Guido Günther
agx at sigxcpu.org
Tue Feb 2 20:40:19 UTC 2010
The following commit has been merged in the master branch:
commit 94828c74d6dc6e17106d826ac9ee4ddf737ccf0e
Author: Guido Günther <agx at sigxcpu.org>
Date: Tue Feb 2 21:09:35 2010 +0100
New patch 0003-Add-some-docs.patch
Add some docs
diff --git a/debian/patches/0003-Add-some-docs.patch b/debian/patches/0003-Add-some-docs.patch
new file mode 100644
index 0000000..4f46f69
--- /dev/null
+++ b/debian/patches/0003-Add-some-docs.patch
@@ -0,0 +1,81 @@
+From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx at sigxcpu.org>
+Date: Tue, 2 Feb 2010 20:59:10 +0100
+Subject: [PATCH] Add some docs
+
+---
+ plugin/README | 40 ++++++++++++++++++++++++++++++++++++++++
+ plugin/test.html | 17 +++++++++++++++++
+ 2 files changed, 57 insertions(+), 0 deletions(-)
+ create mode 100644 plugin/README
+ create mode 100644 plugin/test.html
+
+diff --git a/plugin/README b/plugin/README
+new file mode 100644
+index 0000000..dea7b78
+--- /dev/null
++++ b/plugin/README
+@@ -0,0 +1,40 @@
++Testing
++-------
++
++Restart your browser. In the location bar, type:
++
++ about:plugins
++
++Amongst your other plugins you should see the virt-viewer plugin:
++
++ Virt-viewer browser plugin
++
++ File name: virt-viewer-plugin.so
++ Virtual machine console viewer plugin
++
++ MIME Type Description Suffixes Enabled
++ application/x-virt-viewer Virt viewer virt-viewer Yes
++
++If that appears, then next edit the test.html page in the current
++directory. You will need to change the name of this page to point
++to a virtual machine.
++
++Then load the edited 'test.html' page into your browser, and you should see a
++virt-viewer widget and the display of the virtual machine.
++
++SECURITY
++--------
++
++If you install this plugin, then any web page could invoke it.
++
++Specific security implications of this are:
++
++(1) Malicious web page could cause your browser to connect to an arbitrary
++virtual machine even addresses behind a firewall. If you allow the plugin to be
++controlled by Javascript, and to communicate back success/failure indications,
++then this would allow a hacker to probe ports which they might otherwise not
++have access to.
++
++(2) A web page could connect to a malicious virtual machine. The virt-viewer
++widget is not hardened against responses from malicious VNC servers which might
++provide faulty responses, causing virt-viewer to crash or be subverted.
+diff --git a/plugin/test.html b/plugin/test.html
+new file mode 100644
+index 0000000..33d333f
+--- /dev/null
++++ b/plugin/test.html
+@@ -0,0 +1,17 @@
++<html>
++<body>
++
++ <h1>Virt-viewer applet test</h1>
++
++ <p>You will need to edit the source to
++ set <code>uri</code>, <code>name</code> etc.</p>
++
++ <embed type="application/x-virt-viewer"
++ width="800" height="600"
++ uri="qemu:///system" name="test1">
++ </embed>
++
++ <p>End of page</p>
++
++</body>
++</html>
+--
diff --git a/debian/patches/series b/debian/patches/series
index db6719b..3d290b1 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
0001-Fix-build-with-xulrunner-1.9.1.patch
0002-Define-GLADE_DIR.patch
+0003-Add-some-docs.patch
--
VirtViewer Debian packaging
More information about the Pkg-libvirt-commits
mailing list