[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] Do not read files at once in pygrub



On Tue, 22 May 2012, Miroslav Rezanina wrote:

----- Original Message -----
From: "M A Young" <m.a.young@xxxxxxxxxxxx>
To: "Ian Campbell" <Ian.Campbell@xxxxxxxxxx>
Cc: "Miroslav Rezanina" <mrezanin@xxxxxxxxxx>, "xen-devel" 
<xen-devel@xxxxxxxxxxxxxxxxxxx>
Sent: Tuesday, May 22, 2012 12:30:31 PM
Subject: Re: [Xen-devel] [PATCH] Do not read files at once in pygrub

On Tue, 22 May 2012, Ian Campbell wrote:
They look functionally pretty similar, one big difference is that
Michael limits the size of the cfg file as well, which seems wise.

Yes, a malicious guest could have a huge grub configuration file as
well.
My strategy was just to read the first megabyte as I can't see why a
legitimate configuration file would be anywhere near that long.

Yeah, it should not be as big. However, I think it should use same approach
as kernel/ramdisk in case there will be such a big configuration file (even
we do not see reason now).

They are already different as the configuration file is only read into memory and processed there, whereas the kernel and ramdisk are just file copies ready for the calling process to use. I haven't specifically looked at this bit of the code but I think it could be difficult to protect against a malicious configuration file without truncating it somewhere as for example, you have to consider the case of a legitimately formatted grub file with, say, a million menu entries.

        Michael Young

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.