Luwei Cheng writes ("Re: Backport request "libxl: In libxl_set_vcpuonline check
for maximum number of VCPUs against the cpumap." (Was: Re: [Bug report]
Security issue in "xl vcpu-set")"):
> Some third-part management tools might be built directly above xl.
> Perhaps they can not rely on "Ctrl-C"..
In general callers of libxl will not be built to raise SIGINT. For
example, if libvirt called this function in a way that triggers the
bug, there wouldn't be any reasonable way to recover control.
I'm afraid I'm still not clear about when the failure can be triggered
by an attacker.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
