On Thu, 2010-01-21 at 11:33 -0500, Chris Lalancette wrote: > Signed-off-by: Chris Lalancette <clalance@xxxxxxxxxx> > --- > .x-sc_prohibit_readlink | 2 ++ > cfg.mk | 5 +++++ > 2 files changed, 7 insertions(+), 0 deletions(-) > create mode 100644 .x-sc_prohibit_readlink This breaks AppArmor (see why in my response to the AppArmor change). Readlink() can be used safely, so perhaps the check can be done such that if using readlink, you must check the return code. Or simply warn if using readlink. virFileResolveLink() behaves substantially differently than readlink() and deprecating readlink() without adjusting virFileResolveLink() is IMHO unwise (while AppArmor is the only thing affected atm, it seems at least possible that new future code may need/want to readlink() things in /proc (eg /proc/self/exe)). Jamie -- Jamie Strandboge | http://www.canonical.com
Attachment:
signature.asc
Description: This is a digitally signed message part
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list