From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Jan Beulich" Subject: Re: RFC: Adding a section to the Xen security policy about what constitutes a vulnerability Date: Wed, 25 Jan 2017 01:40:08 -0700 Message-ID: <588872780200007800133ACC@prv-mh.provo.novell.com> References: <586D03CA020000780012D0DA@prv-mh.provo.novell.com> <5885F9EB0200007800132C3F@prv-mh.provo.novell.com> <22663.15225.982459.190269@mariner.uk.xensource.com> <58874BF80200007800133474@prv-mh.provo.novell.com> <58877BE60200007800133643@prv-mh.provo.novell.com> <9CF4BD27-7416-4533-BB8C-6F10E336EB83@citrix.com> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Return-path: In-Reply-To: <9CF4BD27-7416-4533-BB8C-6F10E336EB83@citrix.com> Content-Disposition: inline List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xen.org Sender: "Xen-devel" To: George Dunlap Cc: Ian Jackson , "xen-devel@lists.xen.org" List-Id: xen-devel@lists.xenproject.org Pj4+IE9uIDI0LjAxLjE3IGF0IDE3OjMzLCA8R2VvcmdlLkR1bmxhcEBjaXRyaXguY29tPiB3cm90 ZToKPj4gT24gSmFuIDI0LCAyMDE3LCBhdCAzOjA4IFBNLCBKYW4gQmV1bGljaCA8SkJldWxpY2hA c3VzZS5jb20+IHdyb3RlOgo+Pj4+PiBPbiAyNC4wMS4xNyBhdCAxNjowMSwgPEdlb3JnZS5EdW5s YXBAY2l0cml4LmNvbT4gd3JvdGU6Cj4+Pj4gT24gSmFuIDI0LCAyMDE3LCBhdCAxMTo0MyBBTSwg SmFuIEJldWxpY2ggPGpiZXVsaWNoQHN1c2UuY29tPiB3cm90ZToKPj4+Pj4+PiBPbiAyNC4wMS4x NyBhdCAxMjozMywgPGlhbi5qYWNrc29uQGV1LmNpdHJpeC5jb20+IHdyb3RlOgo+Pj4+PiBKYW4g QmV1bGljaCB3cml0ZXMgKCJSZTogW1hlbi1kZXZlbF0gUkZDOiBBZGRpbmcgYSBzZWN0aW9uIHRv IHRoZSBYZW4gCj4+PiBzZWN1cml0eSAKPj4+Pj4gcG9saWN5IGFib3V0IHdoYXQgY29uc3RpdHV0 ZXMgYSB2dWxuZXJhYmlsaXR5Iik6Cj4+Pj4+PiAiSWYgYSBidWcgcmVxdWlyZXMgYSB2dWxuZXJh YmxlIG9wZXJhdGluZyBzeXN0ZW0gdG8gYmUgZXhwbG9pdGFibGUsIHRoZQo+Pj4+Pj4gWGVuIFNl Y3VyaXR5IFRlYW0gd2lsbCBwcm8tYWN0aXZlbHkgaW52ZXN0aWdhdGUgdGhlIHZ1bG5lcmFiaWxp dHkgb2YKPj4+Pj4+IHRoZSBmb2xsb3dpbmcgb3Blbi1zb3VyY2Ugb3BlcmF0aW5nIHN5c3RlbXM6 IExpbnV4LCBPcGVuQlNELCBGcmVlQlNELAo+Pj4+Pj4gYW5kIE5ldEJTRC4gIFRoZSBzZWN1cml0 eSB0ZWFtIHdpbGwgYWxzbyB0ZXN0IG9yIG90aGVyd2lzZSBpbnZlc3RpZ2F0ZQo+Pj4+Pj4gdGhl IHZ1bG5lcmFiaWxpdHkgb2Ygc3VwcG9ydGVkIFdpbmRvd3MgdmVyc2lvbnMsIGFuZCBpdCBtYXkg YWxzbyBkbyBzbwo+Pj4+Pj4gZm9yIHNvbWUgb3RoZXIgcHJvcHJpZXRhcnkgb3BlcmF0aW5nIHN5 c3RlbXMuIgo+Pj4+PiAKPj4+Pj4gSSBkb24ndCB0aGluayB3ZSBjYW4gcHJvbWlzZSB0byBjb21l IHVwIHdpdGggYSBkZWZpbml0ZWx5IGNvbmNsdXNpb24KPj4+Pj4gZm9yIGFueSBwcm9wcmlldGFy eSBzeXN0ZW0sIGNhbiB3ZSA/ICBBbnN3ZXJpbmcgc3VjaCBhIHF1ZXN0aW9uIGZvcgo+Pj4+PiBX aW5kb3dzIGlzIG5vdCB3aXRoaW4gb3VyIHBvd2VyIGJlY2F1c2Ugd2UgZG9uJ3QgaGF2ZSB0aGUg c291cmNlIGNvZGUuCj4+Pj4gCj4+Pj4gV2VsbCAtIHNlZSBHZW9yZ2UncyBvcmlnaW5hbCBtYWls LCB3aGljaCB0aGUgYWJvdmUgd2FzIGEgcmVwbHkgdG8uCj4+Pj4gSGUgaGFzIHN1Z2dlc3RlZCB0 aGF0IHRoZXJlJ3MgZW5vdWdoIGtub3dsZWRnZSBhcm91bmQuCj4+Pj4gCj4+Pj4+IFRoZSBxdWVz dGlvbiwgd2hpY2ggdGhlIGFib3ZlIHRleHQgbGVhdmVzIHVuY2xlYXIsIGlzLCB3aGF0IGRvIHdl IGRvCj4+Pj4+IGlmIHdlIGFyZW4ndCBzdXJlIHdoZXRoZXIgdGhlcmUgYXJlIGNvbmZpZ3VyYXRp b25zIG9mIFdpbmRvd3Mgd2hpY2gKPj4+Pj4gaGF2ZSB0aGUgZXhwb3NlZCBiZWhhdmlvdXIuCj4+ Pj4gCj4+Pj4gSSB0aGluayBJIGhhZCBnaXZlbiBteSBvcGluaW9uIG9uIHRoaXMgaW4gYW4gZWFy bGllciBtYWlsOiBJZiBpbiBkb3VidCwKPj4+PiB3ZSBvdWdodCB0byBpc3N1ZSBhbiBhZHZpc29y eS4KPj4+IAo+Pj4gQW5kIG15IHJlc3BvbnNlIChpbiBub3Qgc28gbWFueSB3b3Jkcykgd2FzIHRo YXQgdGhlIHN0YXRlbWVudCwg4oCcSWYgaW4gZG91YnQgCj4+PiB3ZSBvdWdodCB0byBpc3N1ZSBh biBhZHZpc29yeeKAnSBpcyB0b28gYmxhY2stYW5kLXdoaXRlLCBhbmQgKGl0IHNlZW1zIHRvIG1l KSAKPj4+IHdpbGwgcHJvYmFibHkgYWx3YXlzIHJlc3VsdCBpbiBhbiBhZHZpc29yeSBiZWluZyBp c3N1ZWQ7IHRodXMgbWFraW5nIHRoZSAKPj4+IHdob2xlIGRpc2N1c3Npb24gbW9vdC4gIAo+Pj4g Cj4+PiBCdXQgcGVyaGFwcyB3ZeKAmXJlIHVzaW5nIHRoZSB3b3JkIOKAnGRvdWJ04oCdIGEgYml0 IGRpZmZlcmVudGx5LiAgSW4gdGhlIGNhc2Ugb2YgCj4+PiBYU0EtMTc2IGFuZCAxOTIsIGZvciBp bnN0YW5jZSwgd291bGQgeW91IGhhdmUgc2FpZCB0aGF0IHdlIGhhZCBhbnkgZG91YnRzIAo+Pj4g YWJvdXQgd2hldGhlciBXaW5kb3dzIHdhcyB2dWxuZXJhYmxlPwo+PiAKPj4gRm9yIDE5MiAtIG5v LiBGb3IgMTc2IEkgd291bGRuJ3QgYmUgdGhhdCBzdXJlLgo+IAo+IEkgZ3Vlc3MgaXTigJlzIG5v dCByZWFsbHkgYSBmYWlyIHF1ZXN0aW9uLCBhcyB3ZSBkaWRu4oCZdCByZWFsbHkgc3BlbmQgYSBs b3Qgb2YgCj4gdGltZSBpbnZlc3RpZ2F0aW5nIFdpbmRvd3MgYmVjYXVzZSB3ZSB3ZXJlIGdvaW5n IHRvIGlzc3VlIHRoZSBhZHZpc29yeSAKPiBhbnl3YXkuCj4gCj4gSSB0aGluayB1bmRlciB0aGUg YWJvdmUgcnVsZSwgZm9yIFhTQS0xNzYsIEkgdGhpbmsgd2Ugd291bGQgZWl0aGVyIHdhbnQgdG8g Cj4gaGF2ZSBhbiBhbnN3ZXIgZnJvbSBzb21lb25lIGluIE1TLCBvciB3ZeKAmWQgaW5zdHJ1bWVu dCBhIHZlcnNpb24gb2YgWGVuIHRvIAo+IGxvb2sgZm9yIHRoZSBQU0UgYml0IGluIEwzIGFuZCBM NCBwYWdldGFibGVzIGFuZCBydW4gaXQgdGhyb3VnaCBvdXIgCj4gcmVncmVzc2lvbiB0ZXN0LiAg SWYgdGhlcmUgd2FzIG5vIGV2aWRlbmNlIG9mIGFueSBvZiBvdXIgdGVzdGVkIHZlcnNpb25zIG9m IAo+IFdpbmRvd3Mgc2V0dGluZyB0aGUgTDQgUFNFIGJpdCwgb3Igc2V0dGluZyB0aGUgTDMgYml0 IHdoZW4gMUcgc3VwZXJwYWdlcyB3ZXJlIAo+IG5vdCBhZHZlcnRpemVkLCBJIHdvdWxkIGJlIGNv bWZvcnRhYmxlIG5vdCBpc3N1aW5nIGFuIGFkdmlzb3J5LiAgCj4gCj4gT24gdGhlIG90aGVyIGhh bmQsIGlmIHdlIHJlYWxseSBoYWQgbm8gaWRlYSDigJQgd2UgaGFkIG5vIHRlc3QgdG8gcGVyZm9y bSBhbmQgCj4gd2UgaGFkbuKAmXQgYmVlbiBhYmxlIHRvIGNvbnRhY3QgYW55b25lIGZyb20gd2l0 aGluIE1TLCBhbmQgaXQgc2VlbWVkIGxpa2UgCj4gV2luZG93cyBtaWdodCBwbGF1c2libHkgYmUg dnVsbmVyYWJsZSwgdGhlbiBJIHdvdWxkIGFncmVlIHRoYXQgaXNzdWluZyBhbiAKPiBhZHZpc29y eSB3b3VsZCBtYWtlIHNlbnNlLgo+IAo+IFdoYXQgZG8geW91IHRoaW5rPwoKU291bmRzIGFsbCBy ZWFzb25hYmxlLgoKPiBCdXQgSeKAmW0gbm90IGltbWVkaWF0ZWx5IHN1cmUgaG93IHRvIHB1dCBz dWNoIGEgZ3VpZGVsaW5lIGludG8gd29yZHMuCgpTYW1lIGhlcmU7IGFsbCBJIHJlYWxseSB3b3Vs ZCBsaWtlIHRvIGF2b2lkIGlzIGZvciBXaW5kb3dzIChhcwpwcmVzdW1hYmx5IHRoZSBtb3N0IHJl bGV2YW50IGNsb3NlZCBzb3VyY2UgT1Mgd2UgY2FyZQp2aXJ0dWFsaXppbmcpIHRvIGJlIGNvbXBs ZXRlbHkgbGVmdCBvdXQgb2YgdGhlIHBpY3R1cmUgaGVyZS4KCkphbgoKX19fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KWGVuLWRldmVsIG1haWxpbmcgbGlzdApY ZW4tZGV2ZWxAbGlzdHMueGVuLm9yZwpodHRwczovL2xpc3RzLnhlbi5vcmcveGVuLWRldmVsCg==