[openstack-dev] [StarlingX] StarlingX code followup discussions
Kashyap Chamarthy
kchamart at redhat.com
Fri Jun 1 12:16:02 UTC 2018
On Tue, May 22, 2018 at 01:54:59PM -0500, Dean Troyer wrote:
> StarlingX (aka STX) was announced this week at the summit, there is a
> PR to create project repos in Gerrit at [0]. STX is basically Wind
>From a cursory look at the libvirt fork, there are some questionable
choices. E.g. the config code (libvirt/src/qemu/qemu.conf) is modified
such that QEMU is launched as 'root'. That means a bug in QEMU ==
instant host compromise.
All Linux distributions (that matter) configure libvirt to launch QEMU
as a regular user ('qemu'). E.g. from Fedora's libvirt RPM spec file:
libvirt.spec:%define qemu_user qemu
libvirt.spec: --with-qemu-user=%{qemu_user} \
* * *
There are multiple other such issues in the forked libvirt code.
[...]
--
/kashyap
More information about the OpenStack-dev
mailing list