[Pkg-libvirt-maintainers] Bug#764894: Bug#764894: Bug#764894: virt-manager: USB devices are generally redirected to VMs

Guido Günther agx at sigxcpu.org
Sun Oct 12 17:35:01 UTC 2014


Hi,
On Sun, Oct 12, 2014 at 07:00:01PM +0200, Christoph Anton Mitterer wrote:
> On Sun, 2014-10-12 at 14:46 +0200, Guido Günther wrote: 
> > severity 764894 important
> 
> To be honest, I'm quite surprised (or should I say shocked) how much
> this "culture" of hiding away serious issues has taken its way serious
> issues.
> 
> 1) critical & grave are basically the only real way for a user to see
> about such issues on upgrade (when using apt-listbugs)
> 2) not having stuff moved to testing is probably just what one wants (at
> least if the affected versions aren't in yet)
> 3) having an issue release critical is probably again just what one
> wants, if the issue is severe enough to justify it as that

As I wrote already: jessie is already affected so if you care _that_
much (which is good) please do all the work and figure out the
affected versions (I've just done so).

[..snip..]

> AFAIU you mean the option in Edit/Preference/New VM/Add spice USB
> redirection, right?
> AFAICS this only controls what happens on the VM (i.e. server-side),...
> and for the server it's absolutely no security problem to allow
> redirections (since it's not his USB devices, but the client's).

No. I mean the confer key that handles usb redirection, see

  d81fd3c3af1abde1fa0e2bf3b79643f36836f45b

on https://anonscm.debian.org/cgit/pkg-libvirt/virt-manager.git/

> The two problems we have here:
> a) virt-manager (and perhaps virt-viewer as well?) exports the device
> unconditionally, as long as it's allowed by the server (but a rogue
> server will of course always allow).
> On the VM window, there is the "Virtual Machine/Redirect USB Device"
> menu entry, but here my devices are exported before I even go there.

See above. This should be fixed now with redirection defaulting to off
by default.

> b) The second, IMHO even more severe issue is:
> Why does a normal user get permissions to redirect USB devices?
> Even if virt-manager behaves buggy as described in (1), the user still
> shouldn't have any permissions by default that polkit grants him access
> to the USB device.

  http://forums.fedoraforum.org/showthread.php?t=290933

which is

  /usr/share/polkit-1/actions/org.spice-space.lowlevelusbaccess.policy

and therefore allowed for interactive users (which makes sense). Feel
free to dup this to spice and keep me on cc. Thanks for raising this.
 -- Guido
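
Added example, not part of the message above and not code from spice-gtk or virt-manager: a small audit script that reads a polkit `.policy` file such as the one named in the reply and lists every action whose implicit authorization is `yes`, meaning it is granted without an authentication prompt. The embedded policy is a constructed sample (its second action id is hypothetical), and treating an omitted element as `no` is an assumption of this script.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample in the polkit .policy format; not the file shipped by spice-gtk.
SAMPLE_POLICY = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd">
<policyconfig>
  <action id="org.spice-space.lowlevelusbaccess">
    <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
  <action id="org.example.constructed.admin-only">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
    </defaults>
  </action>
</policyconfig>
"""

SUBJECTS = ("allow_any", "allow_inactive", "allow_active")

def action_defaults(policy_xml):
    """Map each action id to its implicit authorizations (omitted element treated as 'no')."""
    root = ET.fromstring(policy_xml)
    result = {}
    for action in root.iter("action"):
        defaults = action.find("defaults")
        result[action.get("id")] = {
            s: ((defaults.findtext(s) if defaults is not None else None) or "no").strip()
            for s in SUBJECTS
        }
    return result

def unauthenticated_grants(policy_xml):
    """Return (action id, subject class) pairs granted with no authentication prompt."""
    return [(aid, s) for aid, d in action_defaults(policy_xml).items()
            for s in SUBJECTS if d[s] == "yes"]

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE_POLICY
    for aid, subject in unauthenticated_grants(data):
        print(f"{aid}: {subject}=yes (no authentication required)")
```

Run it with a policy file path as the only argument to audit an installed file; with no argument it reports on the constructed sample.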


