On Thu, Dec 12, 2013 at 05:24:50PM +0100, Vladimir 'phcoder' Serbinenko wrote: > This config has a security problem. If a user has full acces to some > partition (e.g. fto server partition) he can put grub.xen there and load > his own code
Only in the domU context, though. If a user has full access to a guest filesystem then of course they can run code in the domU. This seems unsurprising and not a problem? -- Colin Watson [cjwat...@ubuntu.com] _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
