On February 6, 2015 6:54:48 PM EST, "Marc-André Lureau"
<mlureau@xxxxxxxxxx> wrote:
Clients connecting to untrusted VMs may not want the VM to have
access to the host filesystem. Previously they were safe if they
did nothing, but with this change, they would need to explicitly
set shared-dir to NULL. (Which, of course, will cause a warning
with previous versions of spice-gtk.)
Well, the shared directory is the ~/Public by default, so I assume
this is fine.
The VM has write access to the folder, so it could overwrite my public
files or fill up my disk.
I think we should still enable it by default, but it's good that you
remind of the implication. Hopefully people read release notes...
I don't think it's a good idea to retroactively add potential security
holes to existing applications, with or without a release note. I think
users will be surprised by this behavior: for example, VirtualBox and
VMware Workstation don't share folders by default, and GNOME doesn't
share ~/Public by default.
Is it really important to enable this feature for unmodified
applications? Applications will probably want a UI for
enabling/disabling sharing and selecting a target folder, so they'll
need to be changed anyway. With this patch, and without that additional
UI, users who don't like the defaults will be forced to mess around with
XDG_CONFIG_HOME and user-dirs.dirs.
--Benjamin Gilbert
_______________________________________________
Spice-devel mailing list
Spice-devel@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/spice-devel