Re: [libvirt] [PATCH] qemu: Enforce qemuSecurity wrappers
On Tue, Feb 14, 2017 at 15:30:44 +0100, Michal Privoznik wrote:
Now that we have some qemuSecurity wrappers over
virSecurityManager APIs, lets make sure everybody sticks with
them. We have them for a reason and calling virSecurityManager
API directly instead of wrapper may lead into accidentally
labelling a file on the host instead of namespace.
Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com>
---
This is an alternative approach to:
https://www.redhat.com/archives/libvir-list/2017-February/msg00271.html
While I think that by putting some more effor to the script checking the
rules it would be possible to achieve the same even without having to
have macros for the APIs which don't require wrapping I must agree that
it's better to have a check with techincal debt rather than a bug.
ACK
Attachments:
- signature.asc (application/pgp-signature — 833 bytes)