From mboxrd@z Thu Jan 1 00:00:00 1970 From: Michal Novotny Subject: Re: [PATCH] Fix restore handling checks Date: Wed, 23 Jun 2010 13:54:04 +0200 Message-ID: <4C21F5DC.5050806@redhat.com> References: <4C204D8C.3020303@redhat.com> <19488.53018.201328.781032@mariner.uk.xensource.com> <4C21EDA5.5070100@redhat.com> <19489.61339.878715.309115@mariner.uk.xensource.com> <4C21F034.7060501@redhat.com> <19489.62735.769351.371689@mariner.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <19489.62735.769351.371689@mariner.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xensource.com Errors-To: xen-devel-bounces@lists.xensource.com To: Ian Jackson Cc: Paolo Bonzini , "'xen-devel@lists.xensource.com'" , Keir Fraser List-Id: xen-devel@lists.xenproject.org On 06/23/2010 01:50 PM, Ian Jackson wrote: > Michal Novotny writes ("Re: [PATCH] Fix restore handling checks"): > >> Why do you think so, Ian? This follows the IDE specifications to >> disallow read-only IDE disks since the specs doesn't support IDE >> read-only disks. The only read-only device being supported by IDE specs >> is the CD-ROM device. >> > The administrator should be free to violate the IDE specification if > the IDE specification conflicts with their security goals. > > Ian. > Are you saying that it's OK for administrators to violate the IDE specs and do it the way that is should never be done since this way it's not working on bare-metal systems ? This is the breach and it shouldn't be done this way so why to allow it? Shouldn't we care the code complies with the specifications to have it done the right way? Michal -- Michal Novotny, RHCE Virtualization Team (xen userspace), Red Hat