On Tue, Mar 06, 2018 at 05:08:43PM +0000, George Dunlap wrote: > We don't promise to protect you against rogue stub domain binaries; > only from the running domain once the guest has come up. > > Signed-off-by: George Dunlap <[email protected]> > --- > CC: Ian Jackson <[email protected]> > CC: Wei Liu <[email protected]> > CC: Andrew Cooper <[email protected]> > CC: Jan Beulich <[email protected]> > CC: Tim Deegan <[email protected]> > CC: Stefano Stabellini <[email protected]> > CC: Konrad Wilk <[email protected]> > CC: Julien Grall <[email protected]> > --- > SUPPORT.md | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/SUPPORT.md b/SUPPORT.md > index a1810b8046..ce9f68e1c2 100644 > --- a/SUPPORT.md > +++ b/SUPPORT.md > @@ -501,6 +501,11 @@ for more information about security support. > > Status: Supported, with caveats > > +Only stub domain binaries provided by the host admin > +or trusted users are security supported;
I'm not sure I follow -- why would / should upstream support a binary that is not produced from upstream source code? Wei. _______________________________________________ Xen-devel mailing list [email protected] https://lists.xenproject.org/mailman/listinfo/xen-devel
