X-Git-Url: http://git.annexia.org/?p=libguestfs.git;a=blobdiff_plain;f=TODO;h=c726fc9a83ddfcb769cc0e285752f3fa4568008a;hp=6579629f9bd9e05bcd6be0cf876d244d15927aff;hb=3a5bd5aba23583e64bfaabc906ca95b0f9d37578;hpb=64841fe8957f798df12a38bd81843c7011f2c278

diff --git a/TODO b/TODO
index 6579629..c726fc9 100644
--- a/TODO
+++ b/TODO
@@ -448,16 +448,6 @@ Get the guest icon
   a distro-specific manner.
 - For Windows guests, parse it out of c:\windows\explorer.exe
 
-Integrate event log parsing more closely
-----------------------------------------
-
-https://rwmj.wordpress.com/2011/04/17/decoding-the-windows-event-log-using-guestfish/
-
-We should at least make sure the tools are packaged up for Fedora.  We
-could document formally how to do event log parsing.  Also the above
-only works for Windows Vista and later (since the log format changed),
-so we could extend this to work for earlier versions.
-
 Integrate virt-inspector with CMDBs
 -----------------------------------
 
@@ -467,3 +457,46 @@ right range of data so that integration would be possible.  The
 standards for CMDBs come from the DMTF, see eg:
 
 http://dmtf.org/news/pr/2009/7/dmtf-releases-cmdbf-standard-federating-configuration-management-data
+
+Efficient way to visit all files
+--------------------------------
+
+https://rwmj.wordpress.com/2010/12/15/tip-audit-virtual-machine-for-setuid-files/#content
+
+A naive method would look like:
+
+  g#visit ~return_stats:true "/" (
+    fun pathname stat ->
+      ...
+  )
+
+However this has two disadvantages:
+
+ - requires hand-written custom bindings in each language
+ - unclear about locking, thread-safety and re-entrancy of handle g
+
+A better way would be to have some sort of explicit "download all
+filenames and stat structures", which could then be iterated over:
+
+  let files = g#find_opts ~return_stats:true "/" in
+  List.iter (
+    fun pathname stat ->
+      ...
+  )
+
+The problem with this is that 'files' is going to be larger than a
+protocol buffer.
+
+This leads to thinking about changes to the protocol / generator to
+make this simpler.  The proposal would be to add RBigStringList,
+RBigStructList [or RBig (Ranytype ...)].  These would work like
+FileOut, in that they would use file streaming to stream XDR
+structures (probably written to a file on the library side).
+Generated code would hide most of the implementation.
+
+We also need to think about security issues: is it possible for the
+daemon to keep sending back data forever, and if so what happens on
+the library side.
+
+[Users can now use virt-ls to solve some of these problems, but it is
+not a general solution at the API level]
\ No newline at end of file