From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1MhUs6-000764-Ig
	for qemu-devel@nongnu.org; Sat, 29 Aug 2009 16:50:02 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MhUs1-00074p-C1
	for qemu-devel@nongnu.org; Sat, 29 Aug 2009 16:50:01 -0400
Received: from [199.232.76.173] (port=43616 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MhUs1-00074m-97
	for qemu-devel@nongnu.org; Sat, 29 Aug 2009 16:49:57 -0400
Received: from mx20.gnu.org ([199.232.41.8]:20617)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <anthony@codemonkey.ws>)
	id 1MhUs0-0001Bs-RN
	for qemu-devel@nongnu.org; Sat, 29 Aug 2009 16:49:56 -0400
Received: from mail-qy0-f203.google.com ([209.85.221.203])
	by mx20.gnu.org with esmtp (Exim 4.60)
	(envelope-from <anthony@codemonkey.ws>) id 1MhUrz-0001q4-MN
	for qemu-devel@nongnu.org; Sat, 29 Aug 2009 16:49:55 -0400
Received: by qyk41 with SMTP id 41so1882121qyk.18
	for <qemu-devel@nongnu.org>; Sat, 29 Aug 2009 13:49:54 -0700 (PDT)
Message-ID: <4A99946F.9040307@codemonkey.ws>
Date: Sat, 29 Aug 2009 15:49:51 -0500
From: Anthony Liguori <anthony@codemonkey.ws>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH 0/7] ATAPI CDROM passthrough v5
References: <19074.63829.151234.423348@mariner.uk.xensource.com>	<200908282021.45227.bique.alexandre@gmail.com>
	<4A9982EC.9000509@gmx.net>
In-Reply-To: <4A9982EC.9000509@gmx.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net>
Cc: Ian Jackson <Ian.Jackson@eu.citrix.com>, qemu-devel@nongnu.org, Bique Alexandre <bique.alexandre@gmail.com>

Carl-Daniel Hailfinger wrote:
> On 28.08.2009 22:21, Bique Alexandre wrote:
>   
>> On Wednesday 12 August 2009 17:18:13 Ian Jackson wrote:
>>   
>>     
>>>> Also, I think Paul and I both requested that fw upgrade not be
>>>> disabled by default.
>>>>       
>>>>         
>>> As previously discussed I think this is a mistake, but it's a decision
>>> for qemu upstream to make so I have changed this.
>>>     
>>>       
>
> Anyone up for writing a security advisory about this?\
>   

Eh?

If you do hardware passthrough, the guest can mess up the device.  This 
is always going to be true and it's a security problem IMHO to make the 
user think anything other than that.

Regards,

Anthony Liguori

> Regards,
> Carl-Daniel
>
>
>