Hi Thorsten,
> > "A privileged user inside guest could use this flaw to access undue
> > files on the host."
>
> ... you should also cite:
> "... host directory sharing via Plan 9 File System(9pfs) support ..."
>
> The latest news on [1] is from 2008. I am not sure whether there are really
> that much installations in the wild that really use it.
There are several "versions" of Plan 9 currently. The Bell one, which is rather
inactive, and forked one, 9front, which seems to be under active development[0].
> I still think it is not needed.
I wasn't sure whether we should do an LTS upload for qemu or not. That's why I
asked here before claiming qemu in dla-needed. I'll follow the team's decision.
(By the way, *if we do an LTS upload*, shouldn't we include this patch[1][2],
too ?)
Cheers,
Hugo
[0] http://ninetimes.cat-v.org/
[1] http://git.qemu.org/?p=qemu.git;a=commit;h=805b5d98c649d26fc44d2d7755a97f18e62b438a
[2] https://marc.info/?l=oss-security&m=147259351226835&w=2
--
Hugo Lefeuvre (hle) | www.owl.eu.com
4096/ ACB7 B67F 197F 9B32 1533 431C AC90 AC3E C524 065E
Attachment:
signature.asc
Description: PGP signature