In article <24368.1543847...@splode.eterna.com.au>, matthew green <m...@eterna.com.au> wrote: >until all the broken kvm tools are fixed this change really >must stay as-is. if someone truly wants this level of >security they can choose it, but it's not OK to break basic >features by default in the name of security.
Well, even if we want to break things to improve security, this should be done in an expressive/organized fashion: It is not ok for tools that worked before to now fail silently, or with unexpected errors that don't communicate to the user what needs to be done to fix them. I.e. I would support changing the default again, if the tools were made functional again, or they were modified to produce a meaningful error if they failed because of the change. I will work on both. christos