[Pkg-libvirt-maintainers] Bug#843940: Bug#843940: libvirt-daemon: "Permission denied" errors in VMM/virt-manager when dynamic_ownership=0
J Mo
jmomo at jmomo.net
Sat Nov 12 02:24:56 UTC 2016
On 11/11/2016 10:48 AM, Guido Günther wrote:
> As far as I understand your report you're disabling the feature you
> want: having libvirt fixup permissions. If you disable it you have (or
> virt-manager) to do that.
>
> There might be a bug in virt-manager where it should take more care of
> adjusting permissions but it's hard to figure that out from your
> report. You don't give virt-manager-versions, file permissions, etc or
> what you did to get it to work.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649

This behavior is so vile that it's been the cause of CVEs, just as
people predicted it would be (see the Ubuntu bug report in my previous
response).

This still looks like a security issue to me. I can easily change the
permission of any root:root owned file to libvirt-qemu:libvirt-qemu on
the filesystem, as previously documented here:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=701649#43

Once I can do that, I can write/wipe the file, as I just did to one of
my older kernels under /boot:

[/boot]
shara at panic-->ls /boot/vmlinuz-4.*
-rw-r--r-- 1 libvirt-qemu libvirt-qemu 5 Nov 11 18:21 /boot/vmlinuz-4.4.0-1-amd64
-rw-r--r-- 1 root root 3.7M Apr 14 2016 /boot/vmlinuz-4.5.0-1-amd64
-rw-r--r-- 1 root root 3.7M Jul 18 12:57 /boot/vmlinuz-4.6.0-1-amd64

In practicality, this probably isn't very serious.... but damn if it
ain't stupid.
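
An added example, not part of the original message and not libvirt code: an audit helper that lists regular files owned by the libvirt-qemu account outside the directories where VM images are expected, which is the symptom visible in the ls output above. The function name, the scanned roots and the allowed directory /var/lib/libvirt are assumptions for illustration.

```python
import os
import pwd
import stat


def find_reowned(roots, owner_uid, allowed_dirs=()):
    """Return sorted paths of regular files under `roots` that are owned by
    `owner_uid` and do not live inside any directory in `allowed_dirs`."""
    allowed = [os.path.realpath(d) for d in allowed_dirs]
    hits = []
    for root in roots:
        for dirpath, _dirnames, filenames in os.walk(root):
            for name in filenames:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)  # do not follow symlinks
                except OSError:
                    continue  # file vanished or is unreadable; skip it
                if not stat.S_ISREG(st.st_mode) or st.st_uid != owner_uid:
                    continue
                real = os.path.realpath(path)
                # A file is expected if it resolves to somewhere under an
                # allowed directory (for example the image store).
                if any(os.path.commonpath([real, a]) == a for a in allowed):
                    continue
                hits.append(path)
    return sorted(hits)


if __name__ == "__main__":
    try:
        uid = pwd.getpwnam("libvirt-qemu").pw_uid  # account named in the report
    except KeyError:
        raise SystemExit("no libvirt-qemu account on this host")
    # Assumed scan roots and assumed image location; adjust for the host.
    for p in find_reowned(["/boot", "/etc", "/usr"], uid, ["/var/lib/libvirt"]):
        print(p)
```

Any path it prints is a file that has ended up owned by the QEMU account outside the image store and should be restored to its packaged owner and contents.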