On Mon, Dec 14, 2009 at 09:32:30PM +0100, Gerd Hoffmann wrote: > On 12/14/09 21:20, Michael S. Tsirkin wrote: >>> So far, it's not clear to me that anyone has demonstrated how this is >>> harmful for people that don't want pxe booting. Assuming we fix the bug >>> about rom loading, then there's really no impact to users. > > Fix (v2) is on the list already. > >> PXE booting might have security impact. You do not want to >> do this if you are on a hostile network. > > Option rom loaded doesn't imply pxe boot will be tried. It only means > PXE boot can be selected, either via > > -boot order=[something with 'n' here] > > or via > > -boot menu=on + F12 + picking menu entry > > By default qemu doesn't try to PXE-boot, even if no other bootable > device is available. > > cheers, > Gerd
I guess so. But then, why are we loading it in BIOS and wasting memory? Let's only shadow the ROM when PXE is selected? -- MST
