Comment 3 for bug 1012259

A security flaw was found in the way virt-edit tool of libguestfs, a library for accessing and modifying guest disk images, performed file editing in a virtual machine (new file was created, when original file was used leading to loss of attributes likes file permissions, file owner or SELinux context for the edited file). If certain sensitive files were edited using virt-edit, they would become world-readable.

References:
[1] http://www.openwall.com/lists/oss-security/2012/06/11/1
[2] https://bugzilla.redhat.com/show_bug.cgi?id=788642
[3] https://www.redhat.com/archives/libguestfs/2012-February/msg00033.html

Proposed upstream patch:
[4] https://www.redhat.com/archives/libguestfs/2012-February/msg00034.html