Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field

From:	Peter Maydell
Subject:	Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
Date:	Tue, 14 Jul 2020 11:22:28 +0100

On Tue, 14 Jul 2020 at 11:12, Michael S. Tsirkin <mst@redhat.com> wrote:
> And for people who want to build QEMU with lots of functionality (like
> Fedora does), I think a -security flag would be a useful addition.
> We can then tell security researchers "only a high security issue
> if it reproduces with -security=high, only a security issue
> if it reproduces with -security=low".

I think a -security option would also be useful to users -- it
makes it easier for them to check "is this configuration using
something that I didn't realize was not intended to be secure".
For me, something useful for our users is much more compelling
than "this might make security researchers' lives a bit easier".

thanks
-- PMM

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/1] MAINTAINERS: add security quotient field, P J P, 2020/07/14
- [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, P J P, 2020/07/14
  - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Peter Maydell, 2020/07/14
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Daniel P . Berrangé, 2020/07/14
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Michael S. Tsirkin, 2020/07/14
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Peter Maydell <=
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Michael S. Tsirkin, 2020/07/14
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, P J P, 2020/07/14
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Cornelia Huck, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Daniel P . Berrangé, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, P J P, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Daniel P . Berrangé, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Christian Schoenebeck, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Daniel P . Berrangé, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Christian Schoenebeck, 2020/07/16
    - Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Daniel P . Berrangé, 2020/07/16

Prev by Date: Re: device compatibility interface for live migration with assigned devices
Next by Date: Re: [PATCH RFCv2 3/6] s390x/diag: implement diag260
Previous by thread: Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
Next by thread: Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
Index(es):
- Date
- Thread