From 5315bbf8f926721ded285f424a8348d3b25b8648 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
Date: Fri, 14 Jun 2019 17:10:21 +0200
Subject: [PATCH] Do not check for object existence when got it with another Admin API call When qubesd returns an name of VM or other object, as part of another call (reading a property, listing devices etc), it's safe to assume that object exists. Do not try to list it, which could be prevented by qrexec policy. This means a VM object would be returned (for example in vm.netvm property), which potentially could not be listed through app.domains collection. This may lead to some corner cases, but generally should ease handling of restricted policy. This does not affect practical information the management VM have access too, as those names are already returned. It's just client side python wrapper that didn't allowed to access them. QubesOS/qubes-issues#5099
---
 qubesadmin/base.py | 2 +-
 qubesadmin/devices.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/qubesadmin/base.py b/qubesadmin/base.py
index a674699..2a8fcaa 100644
--- a/qubesadmin/base.py
+++ b/qubesadmin/base.py
@@ -233,7 +233,7 @@ class PropertyHolder(object):
 if prop_type == 'vm':
 if value == '':
 return None
- return self.app.domains[value]
+ return self.app.domains.get_blind(value)
 if prop_type == 'label':
 if value == '':
 return None
diff --git a/qubesadmin/devices.py b/qubesadmin/devices.py
index c09e1ce..4efcab7 100644
--- a/qubesadmin/devices.py
+++ b/qubesadmin/devices.py
@@ -209,7 +209,7 @@ class DeviceCollection(object):
 ['True', 'yes', True])
 if persistent is not None and dev_persistent != persistent:
 continue
- backend_domain = self._vm.app.domains[backend_domain]
+ backend_domain = self._vm.app.domains.get_blind(backend_domain)
 yield DeviceAssignment(backend_domain, ident, options,
 persistent=dev_persistent, frontend_domain=self._vm,
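Review bot: The `get_blind(value)` call in the `prop_type == 'vm'` branch of qubesadmin/base.py carries no comment saying why the existence check is skipped, and the same holds for the `backend_domain` lookup in qubesadmin/devices.py. I would add above each something like `# name came from qubesd in this reply; skip the domains listing, which qrexec policy may deny`. The docstring should also state that the returned object may be absent from `app.domains`, so a caller should expect a later Admin API call on it to be refused by policy instead of getting a `KeyError` at this point. The diffstat shows no test change; a test reading a VM-typed property whose target is not in the listing would pin the new behaviour. The enclosing method starts and ends outside the hunk.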