Stefan Hajnoczi <stefa...@gmail.com> writes:
> On Wed, Dec 1, 2010 at 6:01 PM, Venkateswararao Jujjuri (JV)
> <jv...@linux.vnet.ibm.com> wrote:
>> On 12/1/2010 1:35 AM, Stefan Hajnoczi wrote:
>>> On Tue, Nov 30, 2010 at 9:52 AM, Sanchit Garg
>>> <sancg...@linux.vnet.ibm.com> wrote:
>>>> @@ -3707,19 +3708,19 @@ VirtIODevice *virtio_9p_init(DeviceState *dev,
>>>> V9fsConf *conf)
>>>> s->ctx.fs_sm = SM_NONE;
>>>> s->ctx.xops = none_xattr_ops;
>>>> } else {
>>>> - fprintf(stderr, "Default to security_model=none. You may want"
>>>> + error_report("Default to security_model=none. You may want"
>>>> " enable advanced security model using "
>>>> "security option:\n\t security_model=passthrough \n\t "
>>>> - "security_model=mapped\n");
>>>> + "security_model=mapped");
>>>> s->ctx.fs_sm = SM_NONE;
>>>> s->ctx.xops = none_xattr_ops;
>>>> }
>>>
>>> It would be safer to avoid embedded \n\t. Although I can't find
>>> anything prohibiting it in the source, no other place does this.
>>> Program output is easier to handle when constrained to one message per
>>> line. Security issues arise when unfiltered inputs are logged *and*
>>> linebreaks are allowed because malicious input can inject fake log
>>> lines. Let's avoid getting into the habit.
>>
>> Embedded breaks were introduced to give more readable and formatted output.
>> Stafan do you suggest to print the entire message in one line?
>
> Yes, exactly.
If you respin anyway, please fix the subject:
s/error_request/error_report/
