Re: [Qemu-devel] [PATCH 0/5] ATAPI pass through v2

[Stuart Brady]

On Wed, Jul 01, 2009 at 07:31:53PM +0100, Bique Alexandre wrote:
> I updated my patch according to your previous comments.
> 
> Changes from my previous version:
>  - split the big patch in 5 patches.
>  - not exporting any private structure
>  - switched to SG_IO and brdv_aio_ioctl()
>  - not including linux/cdrom.h or linux/bsg.h
>  - got some stuff like defines and request_sense structure from linux/cdrom.h

Forgive my ignorance, but does ATAPI passthrough have any security 
implications that should be documented?

I expect that running qemu as root counts as a 'bad idea' (I gather
that commands are filtered when running as a regular user), but even so,
I wonder if guests should be prevented from performing firmware updates?

Obviously, the same questions would apply for SCSI passthrough...

Regards,
-- 
Stuart Brady