On Mon, Apr 09, 2018 at 01:49:07PM +0100, Daniel P. Berrangé wrote: > On Mon, Apr 09, 2018 at 02:40:27PM +0200, Pavel Hrdina wrote: > > On Mon, Apr 09, 2018 at 01:47:35PM +0200, Katerina Koukiou wrote: > > > Signed-off-by: Katerina Koukiou <kkoukiou@xxxxxxxxxx> > > > --- > > > data/org.libvirt.Connect.xml | 4 ++++ > > > src/connect.c | 20 ++++++++++++++++++++ > > > test/test_connect.py | 1 + > > > 3 files changed, 25 insertions(+) > > > > This and the Secure properties are not that simple to just export > > them. The reason is that the communication over D-Bus can be monitored > > even if the connection from libvirt-dbus to libvirt is secure. I would > > skip these two properties for now until we figure it out. > > I don't think that's a big problem - I think it is just a documentation > task to say that monitoring of traffic on the dbus message bus is out > of scope for these properties. IOW they just reflect the security > properties of the libvirt-dbus <-> hypervisor paths, not the > dbus client <-> hypervisor paths The only concern that I have is that it might be misleading to see the connection as secure but in fact the whole communication is not secure or encrypted. Currently every connection is secure and not encrypted since we use only local connections. In the future if we allow to configure remote connection it will have some value. I guess that user will have to trust to the system where the D-Bus communication is held on. Pavel
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
