[libvirt] RFC: stop clearing QEMU emulator capabilities
Michal Privoznik
mprivozn at redhat.com
Fri Nov 29 08:15:07 UTC 2019
On 11/28/19 2:04 PM, Daniel P. Berrangé wrote:
>
I don't recall the exact details, but I remember I had to disable
clearing capabilities temporarily (I vaguely recall it had something to
do with device assignment). What I am trying to say is that clearing
capabilities may sometimes get in our way. So I agree with not clearing
them and relying on the rest of security mechanisms we have.
Michal
More information about the libvir-list
mailing list