On Wed, Dec 1, 2010 at 6:01 PM, Venkateswararao Jujjuri (JV) <[email protected]> wrote: > On 12/1/2010 1:35 AM, Stefan Hajnoczi wrote: >> On Tue, Nov 30, 2010 at 9:52 AM, Sanchit Garg >> <[email protected]> wrote: >>> @@ -3707,19 +3708,19 @@ VirtIODevice *virtio_9p_init(DeviceState *dev, >>> V9fsConf *conf) >>> s->ctx.fs_sm = SM_NONE; >>> s->ctx.xops = none_xattr_ops; >>> } else { >>> - fprintf(stderr, "Default to security_model=none. You may want" >>> + error_report("Default to security_model=none. You may want" >>> " enable advanced security model using " >>> "security option:\n\t security_model=passthrough \n\t " >>> - "security_model=mapped\n"); >>> + "security_model=mapped"); >>> s->ctx.fs_sm = SM_NONE; >>> s->ctx.xops = none_xattr_ops; >>> } >> >> It would be safer to avoid embedded \n\t. Although I can't find >> anything prohibiting it in the source, no other place does this. >> Program output is easier to handle when constrained to one message per >> line. Security issues arise when unfiltered inputs are logged *and* >> linebreaks are allowed because malicious input can inject fake log >> lines. Let's avoid getting into the habit. > > Embedded breaks were introduced to give more readable and formatted output. > Stafan do you suggest to print the entire message in one line?
Yes, exactly. Stefan
