On Tue, Nov 30, 2010 at 9:52 AM, Sanchit Garg
<sancg...@linux.vnet.ibm.com> wrote:
> @@ -3707,19 +3708,19 @@ VirtIODevice *virtio_9p_init(DeviceState *dev,
> V9fsConf *conf)
> s->ctx.fs_sm = SM_NONE;
> s->ctx.xops = none_xattr_ops;
> } else {
> - fprintf(stderr, "Default to security_model=none. You may want"
> + error_report("Default to security_model=none. You may want"
> " enable advanced security model using "
> "security option:\n\t security_model=passthrough \n\t "
> - "security_model=mapped\n");
> + "security_model=mapped");
> s->ctx.fs_sm = SM_NONE;
> s->ctx.xops = none_xattr_ops;
> }
It would be safer to avoid embedded \n\t. Although I can't find
anything prohibiting it in the source, no other place does this.
Program output is easier to handle when constrained to one message per
line. Security issues arise when unfiltered inputs are logged *and*
linebreaks are allowed because malicious input can inject fake log
lines. Let's avoid getting into the habit.
Looks good otherwise.
Stefan
