
Re: [Xen-devel] [RFC] libxc: Add trusted decompressors

On Mon, 2013-03-04 at 11:02 +0000, Tim Deegan wrote:
> At 10:33 +0000 on 04 Mar (1362393222), George Dunlap wrote:
> > On Wed, Feb 27, 2013 at 12:44 PM, Bastian Blank <waldi@xxxxxxxxxx> wrote:
> > >> I'm not sure "trusted" is quite the right term though, these aren't
> > >> really any more trustworthy than the library supplied ones -- they are
> > >> just more suitable for a mini-os environment.
> > >
> > > I used the term "trusted" because it should not be fed with untrusted
> > > input. So it should not be used in the normal libxenguest. In the case
> > > of pv-grub, all input is trusted as it runs in the same security domain.
> > 
> > So it's not the decompressors you trust, but the data that you trust?
> > 
> > "Trusted decompressors" definitely means that the decompressors
> > themselves are more trustworthy somehow; "trusting decompressors"
> > would be a more accurate description. ;-)
> Yeah, I don't think "trusted" is quite the right word here.  I would be
> inclined to use "unsafe" instead, to make it clear that the caller had
> better sanitize the input, or not care about unwanted side-effects.

Yes, "unsafe" is probably a better word. This is probably almost as
simple as running sed on the patch to implement.

