Re: [PATCH 13/17] qemu.conf: remove vnc_auto_unix_socket


 



On 05/05/2016 12:20 PM, Pavel Hrdina wrote:
> This config option is broken; it will generate a unix socket even if
> the 'listen' attribute or listen element is specified.
> 
> Also, the following commit will make this option obsolete.
> 
> Signed-off-by: Pavel Hrdina <phrdina@xxxxxxxxxx>

IMO this is not acceptable. For one, there's no precedent for removing a
qemu.conf option; IMO it's part of our API.

But the reason this option exists is so site admins can make listen
type=socket/socket= the graphical default, as opposed to a wide open
listen=127.0.0.1 that any user on the host can trivially access. VNC passwords
are known insecure, so locking down the listening mechanism is really the only
(current) way to secure VNC.

Some related discussions:

https://bugzilla.redhat.com/show_bug.cgi?id=1043919
https://bugzilla.redhat.com/show_bug.cgi?id=1044570

- Cole

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
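
The distinction drawn in the reply above (a unix socket versus a TCP listener on 127.0.0.1 that any local user can reach) can be audited from domain XML, for instance the output of `virsh dumpxml`. The following is an added example, not part of the original message or of libvirt's code; the function name, labels and sample XML are constructed for illustration, and the `auto_unix_socket` parameter is assumed to apply only when the domain gives no explicit listen configuration.

```python
import ipaddress
import xml.etree.ElementTree as ET

def classify_vnc(domain_xml, auto_unix_socket=False):
    """Return a (transport, detail) tuple for each VNC <graphics> device.

    auto_unix_socket mirrors qemu.conf's vnc_auto_unix_socket; it is applied
    here only when the domain XML gives no explicit listen configuration.
    """
    findings = []
    for g in ET.fromstring(domain_xml).iterfind("./devices/graphics[@type='vnc']"):
        listens = g.findall("listen")
        # Unix socket: socket= attribute or a <listen type='socket'> child.
        sock = g.get("socket")
        if sock is None:
            sock = next((l.get("socket", "") for l in listens
                         if l.get("type") == "socket"), None)
        # TCP: listen= attribute or a <listen type='address'> child.
        addr = g.get("listen") or next(
            (l.get("address") for l in listens if l.get("type") == "address"), None)
        if sock is not None:
            findings.append(("unix", sock or "auto-generated path"))
        elif addr:
            try:
                loopback = ipaddress.ip_address(addr).is_loopback
            except ValueError:          # hostname: cannot prove it is loopback
                loopback = False
            findings.append(("tcp-loopback" if loopback else "tcp-network", addr))
        elif auto_unix_socket:
            findings.append(("unix", "auto (vnc_auto_unix_socket)"))
        else:
            findings.append(("tcp-default", "qemu.conf vnc_listen"))
    return findings

# Constructed sample domains (not taken from the thread).
SAMPLES = {
    "loopback": "<domain><devices><graphics type='vnc' autoport='yes' "
                "listen='127.0.0.1'/></devices></domain>",
    "socket":   "<domain><devices><graphics type='vnc'>"
                "<listen type='socket' socket='/run/example/vnc.sock'/>"
                "</graphics></devices></domain>",
    "implicit": "<domain><devices><graphics type='vnc' autoport='yes'/>"
                "</devices></domain>",
}

if __name__ == "__main__":
    for name, xml in SAMPLES.items():
        print(name, classify_vnc(xml), classify_vnc(xml, auto_unix_socket=True))
```

A `tcp-loopback` or `tcp-default` result marks a display that relies on the VNC password alone against other users on the host; `unix` results can be restricted further with filesystem permissions on the socket path.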


