WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

RE: [Xen-devel] [PATCH] xen-2.0: privileged port connections

To: "Kurt Garloff" <garloff@xxxxxxx>, "Anthony Liguori" <aliguori@xxxxxxxxxx>
Subject: RE: [Xen-devel] [PATCH] xen-2.0: privileged port connections
From: "Ian Pratt" <m+Ian.Pratt@xxxxxxxxxxxx>
Date: Wed, 23 Mar 2005 17:43:22 -0000
Cc: "Xen development list" <xen-devel@xxxxxxxxxxxxxxxxxxxxx>, <ian.pratt@xxxxxxxxxxxx>
Delivery-date: Wed, 23 Mar 2005 17:49:07 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
Thread-index: AcUvyiVRnGOKZZS/TpWxtiW0QIUYowABBGMQ
Thread-topic: [Xen-devel] [PATCH] xen-2.0: privileged port connections
> > 1) ports < 1024 are reserved although 732 is currently unassigned
> 
> Note that NFS uses such ports without asking prior permission.
> I chose 732 because it's unassigned indeed.

Grabbing any port <1024 should do, there's no need to just go for 732,
but have a series of ports that are tried. 
 
> > 2) unix domain sockets would solve the same problem
> 
> Yes. There's one but: 
> 
> With the patch you can currently configure xend from completely
> open (xend-address '' and xend-privileged-port 0)
> to closed (xend-address 'localhost' and xend-privileged-port 1)
> except for root (and stuff I overlooked or did not do yet).
> 
> If you go for Unix Domain Sockets instead TCP, you lose the ability
> of remote control. Unless you support both.
> 
> I did not investigate how difficult to do that would be.
> If you have a patch, I'd volunteer to review :-)

For Xen 2.x, unix domain sockets would be too much of a pain to
implement over Twisted. Kurt's approach gets us closer toward 'secure by
default'.

Xen 3 will be very different.

> > 4) you still have to find a way to deal with the consoles
> 
> Before I start working on getting the consoles under control, I 
> wanted to see whether this approach is acceptable at all.

I think it's a good band-aid.

Perhaps a better way to handle consoles would be to use 'screend', and
then have incoming ssh connections dispatched to particular screen
sessions.
 
> > 5) you still have to deal with xfrd
> 
> It seems to listen on *:8002 ... 
> Is there no authentication either? Sigh.
> 
> And we probably need to look into the event channel (8001) as well.

Xfrd needs an option to listen only on localhost. (It's still needed for
save/restore even if you don't use migrate).

The event channel only ever needs to be localhost (and could probably be
turned into a unix domain socket quite easily).


Ian


-------------------------------------------------------
This SF.net email is sponsored by Microsoft Mobile & Embedded DevCon 2005
Attend MEDC 2005 May 9-12 in Vegas. Learn more about the latest Windows
Embedded(r) & Windows Mobile(tm) platforms, applications & content.  Register
by 3/29 & save $300 http://ads.osdn.com/?ad_idh83&alloc_id149&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

<Prev in Thread] Current Thread [Next in Thread>