api: disallow virConnectGetDomainCapabilities on read-only connections
This API can be used to execute arbitrary emulators. Forbid it on read-only connections. Fixes: CVE-2019-10167 Signed-off-by: NJán Tomko <jtomko@redhat.com> Reviewed-by: NDaniel P. Berrangé <berrange@redhat.com>
-
mentioned in commit 7d3b95b0
-
mentioned in commit c5cc88c3
-
mentioned in commit badcb366
-
mentioned in commit 6ba6bb23
-
mentioned in commit be5d96d5
-
mentioned in commit e433008d
-
mentioned in commit a663e284
-
mentioned in commit ab728b56
-
mentioned in commit 5632ca00
-
mentioned in commit 1e51b78a
-
mentioned in commit e322b6f7
-
mentioned in commit bfea7de8
-
mentioned in commit c97b296c
-
mentioned in commit 452fa3ae
-
mentioned in commit d47a396e
-
mentioned in commit 585be8ed
-
mentioned in commit d238f132
-
mentioned in commit 4ce590b0
-
mentioned in commit f9b65fa8
-
mentioned in commit 15502d85
-
mentioned in commit fd16bd52
-
mentioned in commit 93edb0ea
-
mentioned in commit 5441f05a
-
mentioned in commit 38a16f78
-
mentioned in commit 6452b9fd
-
mentioned in commit 58f237d6
-
mentioned in commit c5085b7a
-
mentioned in commit 4f50f36c
-
mentioned in commit 97a737c5