Re: qemu: CVE-2016-7116
On Sun, Sep 04, 2016 at 08:06:11PM +0200, Thorsten Alteholz wrote:
> Hi Guido,
> On Sun, 4 Sep 2016, Guido Günther wrote:
> > no-dsa should be used very scarcely in LTS since we don't have a s-p-u
> > to fix minor issues and reading the RedHat entry:
> yes, but ...
> > "A privileged user inside guest could use this flaw to access undue
> > files on the host."
> ... you should also cite:
> "... host directory sharing via Plan 9 File System(9pfs) support ..."
Sorry for the omission, I thought that was clear from the context
already. I know quiet some installations that share files via 9pfs
between host and guest since this is the simplest way if you don't want
to fiddle with network filesystems and it's easy to setup with common
tools like libvirt/virt-manager.