Fixes for XSA-482 restrict the privcmd module, which breaks core Qubes functionality (basically any inter-vm communication). XSA-482 doesn't impact Qubes security due to the lack of Secure Boot for VMs anyway, so we can remove restrictions on privcmd until a better fix is available.
(For the corresponding non-grsec Qubes fix, see QubesOS/qubes-linux-kernel#1256 )
Fixes for XSA-482 restrict the
privcmdmodule, which breaks core Qubes functionality (basically any inter-vm communication). XSA-482 doesn't impact Qubes security due to the lack of Secure Boot for VMs anyway, so we can remove restrictions onprivcmduntil a better fix is available.(For the corresponding non-grsec Qubes fix, see QubesOS/qubes-linux-kernel#1256 )