A security flaw was found in the way virt-edit tool of libguestfs, a library for accessing and modifying guest disk images, performed file editing in a virtual machine (new file was created, when original file was used leading to loss of attributes likes file permissions, file owner or SELinux context for the edited file). If certain sensitive files were edited using virt-edit, they would become world-readable.
A security flaw was found in the way virt-edit tool of libguestfs, a library for accessing and modifying guest disk images, performed file editing in a virtual machine (new file was created, when original file was used leading to loss of attributes likes file permissions, file owner or SELinux context for the edited file). If certain sensitive files were edited using virt-edit, they would become world-readable.
References: www.openwall. com/lists/ oss-security/ 2012/06/ 11/1 /bugzilla. redhat. com/show_ bug.cgi? id=788642 /www.redhat. com/archives/ libguestfs/ 2012-February/ msg00033. html
[1] http://
[2] https:/
[3] https:/
Proposed upstream patch: /www.redhat. com/archives/ libguestfs/ 2012-February/ msg00034. html
[4] https:/