[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] SUPPORT.md: Clarify stubdomain support



On Tue, Mar 06, 2018 at 05:08:43PM +0000, George Dunlap wrote:
> We don't promise to protect you against rogue stub domain binaries;
> only from the running domain once the guest has come up.
> 
> Signed-off-by: George Dunlap <george.dunlap@xxxxxxxxxx>
> ---
> CC: Ian Jackson <ian.jackson@xxxxxxxxxx>
> CC: Wei Liu <wei.liu2@xxxxxxxxxx>
> CC: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> CC: Jan Beulich <jbeulich@xxxxxxxx>
> CC: Tim Deegan <tim@xxxxxxx>
> CC: Stefano Stabellini <sstabellini@xxxxxxxxxx>
> CC: Konrad Wilk <konrad.wilk@xxxxxxxxxx>
> CC: Julien Grall <julien.grall@xxxxxxx>
> ---
>  SUPPORT.md | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/SUPPORT.md b/SUPPORT.md
> index a1810b8046..ce9f68e1c2 100644
> --- a/SUPPORT.md
> +++ b/SUPPORT.md
> @@ -501,6 +501,11 @@ for more information about security support.
>  
>      Status: Supported, with caveats
>  
> +Only stub domain binaries provided by the host admin
> +or trusted users are security supported;

I'm not sure I follow -- why would / should upstream support a binary
that is not produced from upstream source code?

Wei.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.