[libvirt] [PATCH 0/2] Introduce max_anonymous_clients

Daniel P. Berrange berrange at redhat.com
Wed Feb 19 18:04:45 UTC 2014


On Wed, Feb 19, 2014 at 11:03:00AM -0700, Eric Blake wrote:
> On 02/19/2014 10:55 AM, Daniel P. Berrange wrote:
> > On Tue, Jan 21, 2014 at 11:04:37AM +0100, Michal Privoznik wrote:
> >> On 09.12.2013 15:35, Michal Privoznik wrote:
> >>> https://bugzilla.redhat.com/show_bug.cgi?id=981729
> >>>
> >>> So far we can limit how many clients are connected,
> >>> how many are waiting in accept() line but we could
> >>> not control the count of accepted but not
> >>> authenticated yet.
> 
> >> Ping3? Now that we are after the release it's a great time to merge this
> >> and have as long testing phase as possible.
> > 
> > Seems we dropped the ball on this patch. Can you re-post so we can get
> > it in just after 1.2.2 is released.
> 
> Any reason we shouldn't get it in now, before the 1.2.2 freeze?  It's
> less testing time than if we had done it right after 1.2.1, but still a
> week and a half before the final release.

Guess I'm just a little more wary of changes to the core rpc apis. eg
If we mess this up it is quite likely to become a security vulnerability.

Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|




More information about the libvir-list mailing list