On 17.02.26 18:27, Markus Armbruster wrote:
Vladimir Sementsov-Ogievskiy <[email protected]> writes:
On 17.02.26 12:03, Markus Armbruster wrote:
Vladimir Sementsov-Ogievskiy <[email protected]> writes:
Remove desc, avail, and used fields as they expose process address space
information and violate ASLR.
Isn't the user of the monitor trusted?
I don't know exactly the policy here. If keep these fields, their semantics
will change anyway with these series. So I decided, it's simpler to drop
them (if no objections), keeping in mind experimental status of the command
and ASLR.
The monitor lets you read arbitrary virtual and physical guest memory.
Feels trusted to me :)
"Violate ASLR" suggests security is at stake somehow. I doubt it is.
"will change anyway" and "it's simpler to drop them" makes me suspect
they're not useful enough to be worth their keep. If this is the actual
reason for dropping them, please rewrite your commit message to say so.
OK, will do
--
Best regards,
Vladimir
