[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
From: |
Markus Armbruster |
Subject: |
Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field |
Date: |
Thu, 16 Jul 2020 12:43:01 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Daniel P. Berrangé <berrange@redhat.com> writes:
[...]
> NB, the build time classification won't be perfect, but that's largely
> because we don't have sufficient granularity in what we build. For
> example, although we only care about QMP, IIUC, we can't turn off HMP
> at build time.
It could be made compile-time optional. Matter of coding. But I doubt
it would buy us much. Like QMP, it should only ever be exposed to
trusted parties.
> So we might consider HMP to be "low", despite the fact
> that it is impossible to disable when building "only high features".
I'm sure we could find more examples where the current granularity is
too coarse for a clean sorting into "low" and "high" buckets.
Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Philippe Mathieu-Daudé, 2020/07/14
Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Cornelia Huck, 2020/07/14
Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field, Dr. David Alan Gilbert, 2020/07/16
Re: [PATCH 0/1] MAINTAINERS: add security quotient field, Michael S. Tsirkin, 2020/07/14