On 09/04/2014 08:37 PM, bancfc(a)openmailbox.org wrote:
> Hello. I am thinking about using the feature of passing through qemu
> commands via libvirt. Before I do that I want to make sure that it
> doesn't have negative security implications.

Only if the actions you do through the backdoor cause something to
happen behind libvirt's back in a way that makes libvirt misbehave.
It's enough of a risk that the interface is explicitly declared
unsupported; but if you only use it for QMP query-* commands, which
cannot change qemu state, and therefore cannot confuse libvirt, you
probably have no security risk.

> I understand that talking to qemu-kvm directly via command line strips
> VMs from having sVirt protections applied.
> Is use of this feature the same case?

The domain is still started by libvirt, so sVirt is still in full force.
Using virDomainQemuMonitorCommand is indeed a reasonable way to get
through to the qemu monitor while still keeping the security labels
intact. Where it gets tricky is what commands you use - better would be
patching libvirt to support those actions as a proper supported API.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org
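
An added example, not part of the original message and not libvirt's own code: a guard that enforces the rule of thumb given in the reply, letting only QMP `query-*` commands reach the monitor passthrough. The names `check_query_only`, `guarded_monitor_command` and `RejectedQmpCommand` are hypothetical; `libvirt_qemu.qemuMonitorCommand` is the libvirt-python binding for `virDomainQemuMonitorCommand`.

```python
import json

class RejectedQmpCommand(ValueError):
    """Raised when a passthrough command is not a read-only QMP query."""

def check_query_only(raw):
    """Parse a QMP command string and return it re-serialized, or raise.

    Only commands whose "execute" name starts with "query-" pass, following
    the rule of thumb in the message above.
    """
    try:
        msg = json.loads(raw)
    except (TypeError, ValueError) as exc:
        # Non-JSON input would be an HMP (human monitor) line; refuse it.
        raise RejectedQmpCommand("not a JSON QMP command") from exc
    if not isinstance(msg, dict):
        raise RejectedQmpCommand("QMP command must be a JSON object")
    name = msg.get("execute")
    if not isinstance(name, str) or not name.startswith("query-"):
        raise RejectedQmpCommand("refusing non-query command: %r" % (name,))
    extra = set(msg) - {"execute", "arguments", "id"}
    if extra:
        raise RejectedQmpCommand("unexpected keys: %s" % sorted(extra))
    if not isinstance(msg.get("arguments", {}), dict):
        raise RejectedQmpCommand("arguments must be a JSON object")
    # Re-serialize so libvirt receives exactly what was validated
    # (duplicate keys in the input have already collapsed to one value).
    return json.dumps(msg, sort_keys=True)

def guarded_monitor_command(domain, raw, send=None):
    """Validate raw, then pass it to the qemu monitor of a libvirt domain.

    send is injectable for testing; by default it is
    libvirt_qemu.qemuMonitorCommand from the libvirt-python bindings.
    """
    cmd = check_query_only(raw)
    if send is None:
        import libvirt_qemu  # imported lazily so the check runs without libvirt
        send = libvirt_qemu.qemuMonitorCommand
    # flags=0 selects QMP (JSON) rather than HMP passthrough.
    return send(domain, cmd, 0)
```

With a real domain, `guarded_monitor_command(dom, '{"execute": "query-status"}')` returns the monitor's JSON reply, while anything other than a `query-*` command raises before libvirt is called.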