On Aug 29, 2015, at 7:12 PM, Eric Blake wrote: > On 08/29/2015 02:18 PM, Programmingkid wrote: > >>> >>> (1) 'change' always uses 'raw' as the format, but the selector >>> apparently offers you the full range of image formats >>> (supportedImageFileTypes). >> >> So far it has worked out just fine. Doesn't QEMU detect the format itself? > > You DON'T want to rely on qemu detecting the format itself. That is a > CVE waiting to happen. If you hand a raw disk to the guest, and the > guest writes particular metadata to resemble some other format, and then > qemu probes that other format, you have allowed the guest to take over > the host.
What is the answer? How do we know what to use in place of "raw"?
