[Openstack] [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
Eric Windisch
eric at cloudscaling.com
Wed Aug 8 00:58:30 UTC 2012
>
> This might be kind-of okay if it uses libguestfs, but I'd need to look more closely at libguestfs before considering it safe. If it is only updating vfat, another option is mtools which is entirely userspace and can be run with some safety on the host.
>
I just realized you said glanceā¦ I'm assuming these are probably ext2/3/4 or other Linux filesystems. Libguestfs might be the best option, besides simply not having that feature.
Regards,
Eric windisch
More information about the Openstack
mailing list