|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xsm/flask: improve unknown permission handling
On 12/04/2014 10:37 AM, David Vrabel wrote: > On 03/12/14 18:42, Andrew Cooper wrote: >> >> XSA-37 was only an XSA because the rules at the time were unclear as >> whether it was an issue or not. At the same time, the rules were >> clarified to state that issues in a debug build only are not security >> issues. > > Given that we occasionally ask our customers to run debug versions of > Xen to diagnose particular problems I think this policy should change > (if not by the Xen project security team, then at least internally). Well given that debug builds *already*, by design, crash on a lot of things that don't crash in production, then you are already increasing their risk of a host crash just by giving them that build. If increasing the risk of a host crash isn't acceptable, then you should stop giving them debug builds. Alternately, maybe we can add an option either at compile time or at boot time for ASSERTs not to crash for your situation. But the fact that we have ASSERTs at all mean that we *expect* debug builds to crash. If that's not what we want we need to get rid of the ASSERTs entirely. -George _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |