On 2019-08-23T12:58:43-0400, Laurent Vivier <laur...@vivier.eu> wrote:
> Le 07/08/2019 à 15:54, d...@linutronix.de a écrit : > > From: Olivier Dion <d...@linutronix.de> > > > > If not handled, QEMU will execve itself instead of the emulated > > process. This could result in potential security risk. > > > Could you explain what you mean by potential security risk? I don't have any exploit in mind, but someone motivated enough could certainly find one. For example, it's possible to ask qemu static to execute another program. The main point is that an emulator should never leak informations to its environnement. If the emulated program can determine that it is being emulated, other than by an "official" way, then the emulator is at fault. -- Olivier Dion Polymtl
