Thanks for the additional details; I do not think this would be a security problem but rather just regular bugs -- the configuration file is similar to typing command line arguments at the shell, since they can specify to write to any file the user has access to, or pass-through PCI devices from the host to guests. It would not be appropriate to use a supplied configuration file without inspecting it first.
Thanks for the additional details; I do not think this would be a security problem but rather just regular bugs -- the configuration file is similar to typing command line arguments at the shell, since they can specify to write to any file the user has access to, or pass-through PCI devices from the host to guests. It would not be appropriate to use a supplied configuration file without inspecting it first.
I've filed a report with upstream bochs bug tracker: https:/ /sourceforge. net/p/bochs/ bugs/1347/
Thanks