qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field


From: Markus Armbruster
Subject: Re: [PATCH 1/1] MAINTAINERS: introduce cve or security quotient field
Date: Thu, 16 Jul 2020 12:43:01 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux)

Daniel P. Berrangé <berrange@redhat.com> writes:

[...]
> NB, the build time classification won't be perfect, but that's largely
> because we don't have sufficient granularity in what we build. For
> example, although we only care about QMP, IIUC, we can't turn off HMP
> at build time.

It could be made compile-time optional.  Matter of coding.  But I doubt
it would buy us much.  Like QMP, it should only ever be exposed to
trusted parties.

>                 So we might consider HMP to be "low", despite the fact
> that it is impossible to disable when building "only high features".

I'm sure we could find more examples where the current granularity is
too coarse for a clean sorting into "low" and "high" buckets.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]