On Tue, Oct 16, 2012 at 05:37:59PM +0200, Michael Hanselmann wrote: > 2012/10/16 Iustin Pop <[email protected]>: > > I'm wondering whether backend itself shouldn't filter out "deemed > > unsafe" paths, rather than just cluster verify. The return tuple out of > > Do you mean even for actual file operations? I thought we'd just warn > if some unwanted paths were listed, but to still allow them being > used.
For the paths that we have listed, I think it would be better to err on the side of safety, even to the point of adding duplicate checks, as I see no point in anyone hosting VMs under /bin and its friends or similarly /lib or /etc. thanks, iustin
