Comment 5 for bug 853330

Jamie Strandboge (jdstrand) wrote :

So that comment was not as clear as it should have been. At first I was thinking this was a problem with ec2, and then realized it was a bug with nova but didn't update the comment accordingly. As such, I was trying to say 'in Ubuntu, there is no problem with libvirt and qemu-kvm on their own'. In other words, libvirt and qemu-kvm cannot be modified to enforce behavior around poor/non-existent input validation by tools which use them, and down below ('within the context of nova') you see I actually do agree with you regarding nova.

If nova is using 'use_cow_images' as true by default, it *must* do input validation on the qcow2 images, otherwise the attack you describe will work. An easy approach is simply to say it is not allowed to have a backing store file. If it does, reject it. A harder approach would be to say it is ok to have a backing store file, but it must be in this directory with a unique filename. You have to be careful here because you don't want to just say "this directory", otherwise the qcow2 could point to another guest's file within that directory, thus breaking privilege boundaries. nova must be the one doing this input validation (apart from it being best practice) because if it is in the libvirtd group, it is privileged and must handle allocation of VM disks and files properly (see previous comment).

Scott, should the security contact for nova be subscribed to this bug?
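The two validation policies described in the comment above (reject any backing file, or allow only the instance's own file inside a fixed directory), written out as an added example that is not code from the bug report or from nova. It reads only the fixed-size fields of the qcow2 header; `allowed_dir`, `expected_backing` and the `make_header` fixture are assumptions made here for illustration.

```python
import os
import struct

QCOW2_MAGIC = b"QFI\xfb"


def read_backing_file(data: bytes):
    """Return the backing file name from a qcow2 header, or None if absent.

    Header layout (big-endian): magic[4], version u32, backing_file_offset u64,
    backing_file_size u32. Anything that is not a sane qcow2 header raises
    ValueError so that callers fail closed.
    """
    if len(data) < 20 or data[:4] != QCOW2_MAGIC:
        raise ValueError("not a qcow2 image")
    version, offset, size = struct.unpack(">IQI", data[4:20])
    if version not in (2, 3):
        raise ValueError("unsupported qcow2 version %d" % version)
    if offset == 0 and size == 0:
        return None
    # qemu caps the backing file name at 1023 bytes; also bound-check the slice.
    if size > 1023 or offset + size > len(data):
        raise ValueError("backing file name out of bounds")
    return data[offset:offset + size].decode("utf-8")


def validate_image(data: bytes, allowed_dir=None, expected_backing=None):
    """Strict policy (no allowed_dir/expected_backing): reject any backing file.
    Relaxed policy: the backing file must resolve to exactly the per-instance
    file inside allowed_dir, so neither '../other-guest/disk' nor an absolute
    host path passes, and a sibling guest's file is rejected as well."""
    backing = read_backing_file(data)
    if backing is None:
        return True
    if allowed_dir is None or expected_backing is None:
        return False
    # os.path.join drops allowed_dir when backing is absolute; realpath
    # normalises '..' and symlinks, so the equality check is on the final path.
    real = os.path.realpath(os.path.join(allowed_dir, backing))
    expected = os.path.realpath(os.path.join(allowed_dir, expected_backing))
    return real == expected


def make_header(backing: bytes = b"") -> bytes:
    """Constructed minimal v3 qcow2 header (test fixture, not a bootable image)."""
    offset = 104 if backing else 0          # name is placed right after the header
    header = QCOW2_MAGIC + struct.pack(">IQI", 3, offset, len(backing))
    return header.ljust(104, b"\0") + backing
```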