On Sun, Dec 07, 2008 at 10:40:14AM -0500, Juan Miscaro wrote: libvirt does not currently apply any fine grained access controsl over objects it manages. The only access control is done at time the virConnectPtr object is created, either based on your UNIX userid, or PolicyKit, or Kerberos/SASL, or SSL/x509. We may add fine grained access control over objects in the future, but there's no ETA for that. In the meantime such checks would be done in your application Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|