Re: [libvirt] [PATCH] Don't allow read only connection to use SECURE_XML
On Fri, Mar 13, 2009 at 05:08:08PM -0400, Cole Robinson wrote:
Seems to me that a read only connection shouldn't be able to dump
domain
xml with the SECURE flag. Attached patch blocks the attempt with an
explicit error message.
ACK, seems like a reasonable idea.
Daniel
diff --git a/src/libvirt.c b/src/libvirt.c
index bf3453a..6e73cff 100644
--- a/src/libvirt.c
+++ b/src/libvirt.c
@@ -2619,6 +2619,12 @@ virDomainGetXMLDesc(virDomainPtr domain, int flags)
conn = domain->conn;
+ if ((conn->flags & VIR_CONNECT_RO) && (flags &
VIR_DOMAIN_XML_SECURE)) {
+ virLibConnError(conn, VIR_ERR_OPERATION_DENIED,
+ _("%s with secure flag"), __FUNCTION__);
+ goto error;
+ }
+
if (conn->driver->domainDumpXML) {
char *ret;
ret = conn->driver->domainDumpXML (domain, flags);
--
Libvir-list mailing list
Libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|