[pve-devel] Running KVM as root is a security issue

Eric Blevins ericlb100 at gmail.com
Mon Jul 27 15:29:57 CEST 2015


I have no idea if CVE-2015-5154 that Stephan inquired about affests Proxmox.

But when I see exploits like that the first thought in my mind is how
easy it would be for such an exploit to get root on the Proxmox host.

I've done some experimenting. If I take the KVM command as generated
by Proxmox and simply add "-runas nobody" the VM starts up and runs
without a problem.

However when I try to open a console the KVM process fails.
I suspect this is just some permissions in creating the socket but not
investidated.

A patch exists to prevent a crash when a socket cannot be opened.
https://lists.gnu.org/archive/html/qemu-devel/2015-05/msg00577.html

Any chance this security issue can be fixed before the 4.0 release?

Eric



More information about the pve-devel mailing list