|
|
@@ -25,9 +25,8 @@ user ALL=(ALL) NOPASSWD: ALL
|
|
|
# and for sure, root/user isolation is not a mitigating factor.
|
|
|
#
|
|
|
# Because, really, if somebody could find and exploit a bug in the Xen
|
|
|
-# hypervisor -- so far there has been only one (!) publicly disclosed
|
|
|
-# exploitable bug in the Xen hypervisor from a VM, found in 2008,
|
|
|
-# incidentally by one of the Qubes developers (RW) -- then it would be
|
|
|
+# hypervisor -- as of 2016, there have been only three publicly disclosed
|
|
|
+# exploitable bugs in the Xen hypervisor from a VM -- then it would be
|
|
|
# highly unlikely that that person couldn't also find a user-to-root
|
|
|
# escalation in the VM (which as we know from history of UNIX/Linux
|
|
|
# happens all the time).
|
Andrew David Wong