From a1129b9b9c983234df50d8a220ba73ceb7da83f1 Mon Sep 17 00:00:00 2001
From: Rom Walton <rwalton@ssl.berkeley.edu>
Date: Fri, 9 Dec 2011 15:56:55 +0000
Subject: [PATCH] Quick Updates

svn path=/trunk/boinc/; revision=24764
---
 checkin_notes                | 3 +--
 samples/vboxwrapper/vbox.cpp | 7 +++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/checkin_notes b/checkin_notes
index 43f8750699..3908fbdd06 100644
--- a/checkin_notes
+++ b/checkin_notes
@@ -8918,5 +8918,4 @@ Rom    9 Dec 2011
       process for the vm crashes.
       
     samples/vboxwrapper/
-        vbox.cpp, .h
-        vboxwrapper.cpp
+        vbox.cpp
diff --git a/samples/vboxwrapper/vbox.cpp b/samples/vboxwrapper/vbox.cpp
index d525efb304..6973789593 100644
--- a/samples/vboxwrapper/vbox.cpp
+++ b/samples/vboxwrapper/vbox.cpp
@@ -727,6 +727,13 @@ int VBOX_VM::resume() {
 //   shared directory or the VM image itself is NOT signed.  Doing so
 //   opens up the network behind the firewall to attack.
 //
+//   Imagine a doomsday scenario where a project has been compromised and
+//   an unsigned executable/VM image has been tampered with.  Volunteer
+//   downloads compromised code and executes it on a company machine.
+//   Now the compromised VM starts attacking other machines on the company
+//   network.  The company firewall cannot help because the originating
+//   machine is already behind the company firewall.
+//
 int VBOX_VM::set_network_access(bool enabled) {
     string command;
     string output;