Re: [libvirt] [PATCH 7/7] security: Allow disabling security on a per VM basis
On 01/12/2011 10:23 AM, Cole Robinson wrote:
Make the SecurityManager explicitly handle the case when seclabel
model='none'.
Signed-off-by: Cole Robinson <crobinso(a)redhat.com>
---
src/security/security_manager.c | 90 +++++++++++++-------
.../qemuxml2xml-seclabel-model-none-in.xml | 21 +++++
.../qemuxml2xml-seclabel-model-none-out.xml | 21 +++++
tests/qemuxml2xmltest.c | 1 +
4 files changed, 101 insertions(+), 32 deletions(-)
create mode 100644 tests/qemuxml2xmldata/qemuxml2xml-seclabel-model-none-in.xml
create mode 100644 tests/qemuxml2xmldata/qemuxml2xml-seclabel-model-none-out.xml
I agree with Daniel's NACK to this patch - when security is enabled
globally, allowing just one rogue domain can invalidate all others. And
when security is not enabled, <seclabel> is an illusion not aided by an
XML marking.
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)