qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 0/9] raw: Prohibit dangerous writes for probe


From: Markus Armbruster
Subject: Re: [Qemu-devel] [PATCH v2 0/9] raw: Prohibit dangerous writes for probed images
Date: Tue, 11 Nov 2014 11:03:17 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Kevin Wolf <address@hidden> writes:

> See the commit message of patch 7 for the why and how. This series
> will probably be only part of the solution and doesn't mean that we
> should stop looking for other patches which improve different parts of
> the problem.
>
> See the mailing list thread "Image probing: how it can be insecure, and
> what we could do about it" for the complete context.

Not a review, just to update the record of my opinion on this approach:

* This is not a full solution to the problem I want solved, but that's
  okay, it's not sold as one.

* It helps in other scenarios I personally find less interesting, but
  that's okay, others find them interesting enough.

* It changes failure modes subtly.  I figure the failures are
  sufficiently rare and sufficiently catastrophic for me not to worry
  about changing them.

Therefore, I don't object to the general idea.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]