|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [RFC] libxc: Add trusted decompressors
On Mon, 2013-03-04 at 11:02 +0000, Tim Deegan wrote: > At 10:33 +0000 on 04 Mar (1362393222), George Dunlap wrote: > > On Wed, Feb 27, 2013 at 12:44 PM, Bastian Blank <waldi@xxxxxxxxxx> wrote: > > >> I'm not sure "trusted" is quite the right term though, these aren't > > >> really any more trustworthy than the library supplied ones -- they are > > >> just more suitable for a mini-os environment. > > > > > > I used the term "trusted" because it should not be fed with untrusted > > > input. So it should not be used in the normal libxenguest. In the case > > > of pv-grub, all input is trusted as it runs in the same security domain. > > > > So it's not the decompressors you trust, but the data that you trust? > > > > "Trusted decompressors" definitely means that the decompressors > > themselves are more trustworthy somehow; "trusting decompressors" > > would be a more accurate description. ;-) > > Yeah, I don't think "trusted" is quite the right word here. I would be > inclined to use "unsafe" instead, to make it clear that the caller had > better sanitize the input, or not care about unwanted side-effects. yes, "unsafe" is probably a better word. This is probably almost as simple as running sed on the patch to implement. Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |