Package list virt-viewer / 94828c7
New patch 0003-Add-some-docs.patch Add some docs Guido G√ľnther 11 years ago
2 changed file(s) with 82 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
0 From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org>
1 Date: Tue, 2 Feb 2010 20:59:10 +0100
2 Subject: [PATCH] Add some docs
3
4 ---
5 plugin/README | 40 ++++++++++++++++++++++++++++++++++++++++
6 plugin/test.html | 17 +++++++++++++++++
7 2 files changed, 57 insertions(+), 0 deletions(-)
8 create mode 100644 plugin/README
9 create mode 100644 plugin/test.html
10
11 diff --git a/plugin/README b/plugin/README
12 new file mode 100644
13 index 0000000..dea7b78
14 --- /dev/null
15 +++ b/plugin/README
16 @@ -0,0 +1,40 @@
17 +Testing
18 +-------
19 +
20 +Restart your browser. In the location bar, type:
21 +
22 + about:plugins
23 +
24 +Amongst your other plugins you should see the virt-viewer plugin:
25 +
26 + Virt-viewer browser plugin
27 +
28 + File name: virt-viewer-plugin.so
29 + Virtual machine console viewer plugin
30 +
31 + MIME Type Description Suffixes Enabled
32 + application/x-virt-viewer Virt viewer virt-viewer Yes
33 +
34 +If that appears, then next edit the test.html page in the current
35 +directory. You will need to change the name of this page to point
36 +to a virtual machine.
37 +
38 +Then load the edited 'test.html' page into your browser, and you should see a
39 +virt-viewer widget and the display of the virtual machine.
40 +
41 +SECURITY
42 +--------
43 +
44 +If you install this plugin, then any web page could invoke it.
45 +
46 +Specific security implications of this are:
47 +
48 +(1) Malicious web page could cause your browser to connect to an arbitrary
49 +virtual machine even addresses behind a firewall. If you allow the plugin to be
50 +controlled by Javascript, and to communicate back success/failure indications,
51 +then this would allow a hacker to probe ports which they might otherwise not
52 +have access to.
53 +
54 +(2) A web page could connect to a malicious virtual machine. The virt-viewer
55 +widget is not hardened against responses from malicious VNC servers which might
56 +provide faulty responses, causing virt-viewer to crash or be subverted.
57 diff --git a/plugin/test.html b/plugin/test.html
58 new file mode 100644
59 index 0000000..33d333f
60 --- /dev/null
61 +++ b/plugin/test.html
62 @@ -0,0 +1,17 @@
63 +<html>
64 +<body>
65 +
66 + <h1>Virt-viewer applet test</h1>
67 +
68 + <p>You will need to edit the source to
69 + set <code>uri</code>, <code>name</code> etc.</p>
70 +
71 + <embed type="application/x-virt-viewer"
72 + width="800" height="600"
73 + uri="qemu:///system" name="test1">
74 + </embed>
75 +
76 + <p>End of page</p>
77 +
78 +</body>
79 +</html>
80 --
00 0001-Fix-build-with-xulrunner-1.9.1.patch
11 0002-Define-GLADE_DIR.patch
2 0003-Add-some-docs.patch