[libvirt] [PATCH 7/7] security: Allow disabling security on a per VM basis
Eric Blake
eblake at redhat.com
Wed Jan 12 21:43:41 UTC 2011
On 01/12/2011 10:23 AM, Cole Robinson wrote:
> Make the SecurityManager explicitly handle the case when seclabel
> model='none'.
>
> Signed-off-by: Cole Robinson <crobinso at redhat.com>
> ---
> src/security/security_manager.c | 90 +++++++++++++-------
> .../qemuxml2xml-seclabel-model-none-in.xml | 21 +++++
> .../qemuxml2xml-seclabel-model-none-out.xml | 21 +++++
> tests/qemuxml2xmltest.c | 1 +
> 4 files changed, 101 insertions(+), 32 deletions(-)
> create mode 100644 tests/qemuxml2xmldata/qemuxml2xml-seclabel-model-none-in.xml
> create mode 100644 tests/qemuxml2xmldata/qemuxml2xml-seclabel-model-none-out.xml
I agree with Daniel's NACK to this patch - when security is enabled
globally, allowing just one rogue domain can invalidate all others. And
when security is not enabled, <seclabel> is an illusion not aided by an
XML marking.
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org