WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-devel

[Top] [All Lists]

[Xen-devel] [PATCH] xen-2.0: privileged port connections

from [Kurt Garloff]

[Permanent Link][Original]

To:	Xen development list <xen-devel@xxxxxxxxxxxxxxxxxxxxx>
Subject:	[Xen-devel] [PATCH] xen-2.0: privileged port connections
From:	Kurt Garloff <garloff@xxxxxxx>
Date:	Wed, 23 Mar 2005 13:36:39 +0100
Delivery-date:	Wed, 23 Mar 2005 14:37:01 +0000
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-archive:	<http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help:	<mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id:	List for Xen developers <xen-devel.lists.sourceforge.net>
List-post:	<mailto:xen-devel@lists.sourceforge.net>
List-subscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Organization:	SUSE/Novell
Sender:	xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent:	Mutt/1.5.6i

Hi,

as discussed previously, I went ahead and introduced a setting that
allows you to restrict the stuff you can when controlling xen by
connecting to the port 8000 unless you connect from a privileged
port.

I did not yet bother to look at the event port nor did I try to address
the consoles. The consoles will be done in a second patch if this 
approach is deemed appropriate. 

Note that I also do still allow unprivileged connections still to gather
most of the information. This can be debated, but I'm not such a big fan
of security by obscurity.

I hope I did not miss anything important for the control stuff.

The patch also fixes one typo (missing ") in SrvNode.py.

Regards,
-- 
Kurt Garloff                   <kurt@xxxxxxxxxx>             [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Director)    <garloff@xxxxxxx>            [Novell Inc]

xen-secure.diff
Description: Text document

pgpQPKCcTPsw0.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] [PATCH] xen-2.0: privileged port connections, Kurt Garloff <= Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Anthony Liguori Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Kurt Garloff Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Anthony Liguori Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Kurt Garloff Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Anthony Liguori Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Rik van Riel Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Nivedita Singhvi Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, David Hopwood RE: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Ian Pratt Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Ryan Harper

Previous by Date:	Re: [Xen-devel] [PATCH] libxen-3.0 (libxc rewrite), Jeremy Katz
Next by Date:	Re: [Xen-devel] domain state blocked?, M.A. Williamson
Previous by Thread:	[Xen-devel] CONFIG_IP_PNP_DHCP=y, Marcus Hardt
Next by Thread:	Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections, Anthony Liguori
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix