WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] xm create as root vs xm destroy as normal user

from [Josh Triplett] [Permanent Link][Original]
To: tanner@xxxxxxxxxxxxx
Subject: Re: [Xen-devel] xm create as root vs xm destroy as normal user
From: Josh Triplett <josht@xxxxxxxxxx>
Date: Mon, 27 Jun 2005 11:01:17 -0700
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 27 Jun 2005 18:00:24 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <200506271242.42327@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <200506241724.18807@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <b1fa291705062516522517fb81@xxxxxxxxxxxxxx> <200506271242.42327@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
On Mon, 2005-06-27 at 12:42 -0500, Bob Tanner wrote:
> On Saturday 25 June 2005 06:52 pm, Kip Macy wrote:
> > There is currently no notion of capabilities. In 3.0 the default
> > communication path between xm and xend is now a unix domain socket so
> > by default only root can execute xm commands.
> 
> I'm sorry, I do not understand the answer. The "no notion of capabilities", 
> does that mean "yes, non-root users can stop Xen sessions in 2.x"?

It means that there was no security whatsoever on the communication
channel to xend.  AFAIK, anyone who could connect to a local port was
permitted to issue any commands to xend, including stopping a Xen
session.  That is fixed in Xen 3.0 by using a unix domain socket by
default, which can have filesystem permissions set on it.  If you need
some protection in Xen 2.0, you should set up firewall rules to restrict
access to the xend port (and the various domain console ports as well);
iptables can filter on local user/group information, which might be
useful for that purpose.

- Josh Triplett



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] xm create as root vs xm destroy as normal user, Bob Tanner
Next by Date:  Re: [Xen-devel] xm create as root vs xm destroy as normal user, Mark Williamson
Previous by Thread:  Re: [Xen-devel] xm create as root vs xm destroy as normal user, Bob Tanner
Next by Thread:  Re: [Xen-devel] xm create as root vs xm destroy as normal user, Mark Williamson
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy