On Fri, Jun 01, 2018 at 17:01:06 +0100, Daniel Berrange wrote:
On Fri, Jun 01, 2018 at 05:49:24PM +0200, Ján Tomko wrote:
On Fri, Jun 01, 2018 at 05:05:30PM +0200, Kashyap Chamarthy wrote:
On Fri, Jun 01, 2018 at 02:11:12PM +0100, Daniel P. Berrangé wrote:
[...]
Most commented out bits are not a security flaw if uncommented though. The fact that we show 'user=root' in the config file though puts across the misleading idea that it is a reasonable thing todo, when in fact it is a horribly insecure thing todo.
In that case, #allow_disk_format_probing = 1
Yes, I think there's actually a good case to be made for that to go. We had to have it as a get out of jail free card when we disabled format probing by default, so we had some compat with existing legacy tools/deployments. After all this time, I think we could reasonably justify dropping this though.
I volunteer for this. I will most probably make my life of adding blockdev-ized blockjobs way easier.