qemu-devel

Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field


From: Cornelia Huck
Subject: Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
Date: Thu, 16 Jul 2020 08:55:43 +0200

On Tue, 14 Jul 2020 18:40:11 +0530 (IST)
P J P <ppandit@redhat.com> wrote:

<just commenting on this one>

>  * QEMU would abort(3), if a user attempts to start QEMU with insecure options
>    like say -virtfs OR -fda fat:floppy OR -netdev user OR -device tulip ?
>
>  * One way could be to abort(3) at options parsing stage, if 'security' flag
>    is set to high(1) and continue further if it is low(0).

Failing to start (with a message that explains why) if one of the
command line options is not covered by a specified security policy is
not unreasonable (after all, we fail to start for other cases of
incompatible command line options as well.) However, we also need to
cover dynamically-added devices. Aborting seems very bad there, just
failing to add the device seems like what we'd want.



