CVE-2015-0236: qemu: Check ACLs when dumping security info from snapshots
authorPeter Krempa <pkrempa@redhat.com>
Tue, 20 Jan 2015 16:01:01 +0000 (17:01 +0100)
committerEric Blake <eblake@redhat.com>
Thu, 22 Jan 2015 17:57:40 +0000 (10:57 -0700)
commit94d18e8f6dbe3afdc72b6df13e3eaa8861874a14
treeb0eb1c964d74ebc4ad350c5adb17eda83d77cf55
parent4edae3cb9600132e875a5b97cf31089a6c8f4cb2
CVE-2015-0236: qemu: Check ACLs when dumping security info from snapshots

The ACL check didn't check the VIR_DOMAIN_XML_SECURE flag and the
appropriate permission for it. Found via code inspection while fixing
permissions for save images.

(cherry picked from commit b347c0c2a321ec5c20aae214927949832a288c5a)
src/qemu/qemu_driver.c
src/remote/remote_protocol.x