[virt-tools-list] [virt-viewer][PATCH 0/6] Create actions menu
Hans de Goede
hdegoede at redhat.com
Sun Jan 20 17:07:36 UTC 2013
Hi,
On 01/19/2013 11:09 PM, Doug Goldstein wrote:
<snip>
>>> 4) Forced shutdown
>>>
>>> As a desktop user I want to be able to forcefully turn off the running
>>> virtual
>>> machine. This is important in cases where the virtual machine is not
>>> responding
>>> anymore, e.g. BSOD.
>>>
>>
>> I think having the above 4 make sense, esp. since 1-3 are things which can
>> be
>> triggered from inside the guest using guest specific menus too, so we're
>> just
>> adding a more convenient way to do this, not adding new options.
>>
>>
>> But everything below to me clearly belongs in the realm of a management
>> tool,
>> not virt-viewer.
>>
>
> I'll agree with you for users that would have sudo/root privileges
> inside of the guest, but users that have access limited accounts
> inside the guest this would very clearly open up more access than they
> have in the guest
For most distro's that is not true, connecting to a vm
over vnc / spice gets seen by the vm as being physically present
behind the console (which makes sense since the user is using
a virtual ps/2 keyboard _ vga-card, not an ssh session). And on
most distros the shutdown button in the deskto-manager (ie gdm /
lightdm) and inside the menu of a logged-in X session will work
just fine to shutdown / reboot the machine.
> and would need to be correctly managed via ACLs,
> which is something that hasn't landed in libvirt yet.
This is an unrelated, dare I say completely orthogonal, problem.
A user with the necessary credentials to connect to a libvirt
managed vm, can already shut it down if he/she really wants to by
connecting with virt-manager or virth-sh.
The question here is what are reasonable options to show in
a vm-viewer app without overwhelming the user.
Security really does not belong in this discussion, as that should
already be taken care of at the protocol level. Not showing a menu
option is not the answer to not wanting a user to be able to do
certain actions. That is just security by obscurity.
Regards,
Hans
>
More information about the virt-tools-list
mailing list