Don't link virt-login-shell against libvirt.so (CVE-2013-4400)
author Daniel P. Berrange <berrange@redhat.com>
Thu, 10 Oct 2013 12:09:08 +0000 (13:09 +0100)
committer Daniel P. Berrange <berrange@redhat.com>
Mon, 21 Oct 2013 13:19:05 +0000 (14:19 +0100)
commit 062ad8b2beac2316a3b1e304668ea852e70ea506
tree 8db8907345c8c5df448944f23026325ea065c549
parent 6fc87e07a22587b9f38845ce1a0d6db1c7483fe9
Don't link virt-login-shell against libvirt.so (CVE-2013-4400)

The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor)) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
(cherry picked from commit 3e2f27e13b94f7302ad948bcacb5e02c859a25fc)
12 files changed:
Makefile.am
config-post.h [new file with mode: 0644]
configure.ac
daemon/Makefile.am
examples/domain-events/events-c/Makefile.am
examples/hellolibvirt/Makefile.am
examples/openauth/Makefile.am
gnulib/lib/Makefile.am
python/Makefile.am
src/Makefile.am
src/libvirt.c
tools/Makefile.am
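
A packaging-time check for the property this commit establishes, as an added example that is not part of the libvirt commit: it reads `readelf -d` output and reports any directly linked library outside an allowlist. The function name, the inclusion of libc in the allowlist and the sample `readelf` lines are assumptions constructed for illustration.

```shell
# Libraries a setuid helper may list as DT_NEEDED. libxml2 and libselinux come
# from the commit message; libc is an assumption added for this example.
ALLOWED="libxml2 libselinux libc"

# Reads `readelf -d` output on stdin and prints every directly needed library
# whose base name is not in $ALLOWED. Returns 1 if any such library was found.
# DT_NEEDED covers direct dependencies only, not what those libraries load.
audit_needed() {
    awk -v allowed="$ALLOWED" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /\(NEEDED\)/ {
            lib = $0
            sub(/^.*\[/, "", lib)      # drop everything up to the opening bracket
            sub(/\].*$/, "", lib)      # drop the closing bracket and the rest
            base = lib
            sub(/\.so.*$/, "", base)   # libxml2.so.2 -> libxml2
            if (!(base in ok)) { print lib; bad = 1 }
        }
        END { exit bad + 0 }'
}

# Constructed sample: dynamic section of a helper linked against libvirt.so.
BEFORE=' 0x0000000000000001 (NEEDED)             Shared library: [libvirt.so.0]
 0x0000000000000001 (NEEDED)             Shared library: [libxml2.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libselinux.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000c (INIT)               0x401000'
# Constructed sample: the same helper linked only against the allowed set.
AFTER=' 0x0000000000000001 (NEEDED)             Shared library: [libxml2.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libselinux.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]'

printf '%s\n' "$BEFORE" | audit_needed || echo "^ unexpected direct dependencies"
printf '%s\n' "$AFTER" | audit_needed && echo "dependency set OK"
```

Against a real build, pipe `readelf -d` for the installed setuid binary into `audit_needed`, and repeat the check for each allowed library to see what it pulls in.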