[libvirt] Re: SELinux SVirt/Qemu problems with current qemu design.

I think labeling can be done to allow the access to directories, and files. So libvirt could go in an label a file/directory in such a way that the running qemu_t:s0.c10 can read or read/write the file/directory. Same with the ability to create save images, as long as the labeling is correct. The only problem I see here is the searching of the directory path to the location of the directories. If we want to allow users to store files/directories anywhere, we end up having to allow qemu_t the ability to at least search every directory on the system, and potentially read them. Having the ability to read a directory is sometimes valuable, for a hacker.