On Mon, Sep 22, 2008 at 05:58:51PM +0200, Guido G?nther wrote: > Hi, > I might be completely of track here but isn't the logic virt-manger uses > to determine the network devices one can add a bit bogus: > > Currently it's based on the uid of the user, shouldn't this be based on > the connection type instead? Otherwise a user can't add multiple nics to > qemu:///system he's otherwise authorized to change in every way. Yes, that is one of the things that needs clearing up now you can securely connect to qemu:///system and provision as non-root. Ideally we'd expose much more of this in the hypervisor capabilities output, so you wouldn't need to test qemu:///session, but your patch is an improvement none the less. Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :| _______________________________________________ et-mgmt-tools mailing list et-mgmt-tools@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/et-mgmt-tools
