Don't link virt-login-shell against libvirt.so (CVE-2013-4400) CVE-2013-4400-3
author Daniel P. Berrange <berrange@redhat.com>
Thu, 10 Oct 2013 12:09:08 +0000 (13:09 +0100)
committer Daniel P. Berrange <berrange@redhat.com>
Mon, 21 Oct 2013 13:03:52 +0000 (14:03 +0100)
commit 3e2f27e13b94f7302ad948bcacb5e02c859a25fc
tree 1463bdfaaedde6b92b1d3fc2ef3188d10ae69f2a
parent b7fcc799ad5d8f3e55b89b94e599903e3c092467
Don't link virt-login-shell against libvirt.so (CVE-2013-4400)

The libvirt.so library has far too many library deps to allow
linking against it from setuid programs. Those libraries can
do stuff in __attribute__((constructor)) functions which is
not setuid safe.

The virt-login-shell needs to link directly against individual
files that it uses, with all library deps turned off except
for libxml2 and libselinux.

Create a libvirt-setuid-rpc-client.la library which is linked
to by virt-login-shell. A config-post.h file allows this library
to disable all external deps except libselinux and libxml2.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
12 files changed:
Makefile.am
config-post.h [new file with mode: 0644]
configure.ac
daemon/Makefile.am
examples/domain-events/events-c/Makefile.am
examples/hellolibvirt/Makefile.am
examples/openauth/Makefile.am
gnulib/lib/Makefile.am
python/Makefile.am
src/Makefile.am
src/libvirt.c
tools/Makefile.am
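
One way to check the property this commit aims for, that a setuid binary pulls in only an approved set of shared libraries. This is an added example, not code from the commit or from libvirt. It parses `readelf -d` output; the sample output, the function names and the libc entries in the allowlist are assumptions, while libxml2 and libselinux are the two deps the commit message names.

```python
import re

# Constructed sample: `readelf -d` output for a hypothetical setuid helper
# that was linked against the full libvirt.so.
SAMPLE_READELF = """\
Dynamic section at offset 0x2d90 contains 28 entries:
  Tag        Type                         Name/Value
 0x0000000000000001 (NEEDED)             Shared library: [libvirt.so.0]
 0x0000000000000001 (NEEDED)             Shared library: [libxml2.so.2]
 0x0000000000000001 (NEEDED)             Shared library: [libselinux.so.1]
 0x0000000000000001 (NEEDED)             Shared library: [libc.so.6]
 0x000000000000000c (INIT)               0x1000
"""

# libxml2 and libselinux come from the commit message; the C runtime
# entries are an assumption about what a dynamically linked binary needs.
ALLOWED = {"libxml2", "libselinux", "libc", "libpthread", "libdl"}

NEEDED_RE = re.compile(r"\(NEEDED\)\s+Shared library:\s+\[([^\]]+)\]")


def soname_base(soname):
    """Strip the version suffix: 'libxml2.so.2' -> 'libxml2'."""
    return soname.split(".so", 1)[0]


def needed_libs(readelf_output):
    """Return the DT_NEEDED sonames in the order readelf lists them."""
    return NEEDED_RE.findall(readelf_output)


def unexpected_deps(readelf_output, allowed=ALLOWED):
    """Return direct dependencies that are not on the allowlist.

    Only direct DT_NEEDED entries are checked; each allowed library's own
    dependencies also run constructors and need the same audit.
    """
    return sorted(s for s in needed_libs(readelf_output)
                  if soname_base(s) not in allowed)


if __name__ == "__main__":
    for lib in unexpected_deps(SAMPLE_READELF):
        print("not allowed in setuid binary:", lib)
```

To audit a real binary, pass the text produced by `readelf -d <path>` to `unexpected_deps` and fail the build or package check when the result is non-empty.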