Re: [PATCH] docs: security: ipe: fix typos and grammar

Next message: Tejun Heo: "Re: [PATCH] sched_ext: Use READ_ONCE() for the read side of dsq-&gt;seq update"
Previous message: syzbot: "Re: [syzbot] [bridge?] KMSAN: uninit-value in netif_skb_features (4)"
In reply to: Randy Dunlap: "Re: [PATCH] docs: security: ipe: fix typos and grammar"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Bagas Sanjaya

Date: Sun Mar 08 2026 - 03:48:34 EST

On Sat, Mar 07, 2026 at 10:16:33PM -0500, Evan Ducas wrote:
> As requirements change over time (vulnerabilities are found in previously
> -trusted applications, keys roll, etcetera). Updating a kernel to change the
> +trusted applications, keys roll, etcetera). Updating a kernel to change to
> meet those security goals is not always a suitable option, as updates are not
> always risk-free, and blocking a security update leaves systems vulnerable.
> This means IPE requires a policy that can be completely updated (allowing

As requirements change over time ..., updating a kernel to meet ..., yet
blocking a security update ... .

Thanks.

--
An old man doll... just what I always wanted! - Clara

Attachment: signature.asc
Description: PGP signature