Comment 1 for bug 1739593
Revision history for this message
| Matthew Booth (mbooth-9) wrote Re: Swapping encrypted volumes can lead to data loss and a possible compute host DOS attack | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
I think the priority here is that the user loses their data. The DoS potential is real, but relatively inefficient. I think we could use a CVE to communicate the problem to users, but I don't think this particular issue is important enough to jump through secrecy hoops while we work on the data-loss bug.
I would personally be in favour of early disclosure, handling this openly, and getting it done quickly. We could possibly leave disclosure til early January, though, as we're unlikely to even start work on the fix until then. I'll obviously defer to the VMT and the reporter, just my 2c.