Quoting from: http://git.kernel.org/?p=virt/kvm/qemu-kvm.git;a=commitdiff;h=1e72d3b7ad It is possible for a guest with a raw formatted disk image to write a header to that disk image describing another format (such as qcow2). Stopping and subsequent restart of the guest will cause qemu to detect that format, and could allow the guest to read any host file if qemu is sufficiently privileged (typical in virt environments). This means that we should always include the disk image format in the guest XML configuration e.g. <disk type='file' device='disk'> <source file='/var/lib/libvirt/images/f11.img'/> <target dev='hda' bus='virtio'/> <driver name='qemu' type='raw'/> </disk> See also bug #496092
This is in virtinst upstream: http://hg.et.redhat.com/cgi-bin/hg-virt.cgi/applications/virtinst--devel/rev/96bc6e8c5376 There were some other bug fixes that came later as well. I'll be cutting a new release within the next couple weeks though, so it can probably wait till then.
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle. Changing version to '11'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Moving to POST.
This code accrued quite a few fixes and is pretty invasive, so I'm not really comfortable backporting it. Closing this bug as RAWHIDE where it is currently fixed (and F-12).