Demi Marie Obenour

icon indicating a website link https://demimarie.github.io icon indicating an email [email protected]

icon company @QubesOS icon location Farragut, TN icon location Software developer with an interest in security.

Results 1308 comments of Demi Marie Obenour

`PR_SET_PDEATHSIG` is racy unless there is a check for the parent having already died

> > `PR_SET_PDEATHSIG` can be circumvented by a subsequent call > > I don't know what scenario you have in mind, but if you believe you have found a security...

`PR_SET_PDEATHSIG` is racy unless there is a check for the parent having already died

I tried to get this fixed in the kernel but the maintainers didn't seem to be interested. They recommend using cgroups to ensure that process trees are cleaned up.

Strip leading and trailing whitespace from HTTP/2+ field values

@chandu0525 Can you see if this fixes your problems?

Strip leading and trailing whitespace from HTTP/2+ field values

You'll need to backport the changes to OpenResty's branch yourself.

Strip leading and trailing whitespace from HTTP/2+ field values

recheck

Recover from OpenGL context loss

> #2458 > > It needs plumbing into every plugin that uses OpenGL, and even then, I never got it to work without crashing the whole compositor. See the last...

Port Qubes OS to KVM

I wonder what version of KVM is used by Google Compute Engine. That version has a fantastic security record, IIRC.

Port Qubes OS to KVM

Xen will remain the default, at least for now, due to being significantly more secure.

Port Qubes OS to KVM

I think the main blockers at this point are: - There is currently no implementation of libvchan for KVM. Qubes OS uses libvchan for qubesdb, qrexec, audio, and GUI. -...

Port Qubes OS to KVM

I will also add that, given my past interactions with the Qubes team, I believe that high-quality PRs adding KVM support would be accepted. @fepitre even did some of the...