xen-devel

[Top] [All Lists]

[Xen-devel] Re: [PATCH][Take 2] VNC authentification

from [Anthony Liguori]

[Permanent Link][Original]

To:	Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx>
Subject:	[Xen-devel] Re: [PATCH][Take 2] VNC authentification
From:	Anthony Liguori <aliguori@xxxxxxxxxx>
Date:	Fri, 29 Sep 2006 09:01:23 -0500
Cc:	Ian Pratt <m+Ian.Pratt@xxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx, "Daniel P. Berrange" <berrange@xxxxxxxxxx>
Delivery-date:	Fri, 29 Sep 2006 07:02:04 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<JX200609291747343.1765484@xxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<3AAA99889D105740BE010EB6D5A5A3B202A3D2@xxxxxxxxxxxxxxxxxxxxxxxxxx> <JX200609291747343.1765484@xxxxxxxxxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Thunderbird 1.5.0.7 (X11/20060922)

A couple comments:

Does this code actually work? You call vnc_read_when twice in the samefunction. The first one should never get called (it can only be calledfrom the main loop and there can only ever be one outstanding readfunction).

There are a couple weird bits in the code too that I cannot reply to(your mailer is sending the attachment as a octet-stream, please inlinetoo next time you send the patch).


Otherwise, it looks really promising!

Regards,

Anthony Liguori

Masami Watanabe wrote:

Hi,

This is take 2 on VNC authentification.

The specification is as mentioned at
http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00666.html
The difference is follows.
- correction that passes information through xenstore.
- after information is read, qemu deletes information on xenstore.


Signed-off-by: Masami Watanabe <masami.watanabe@xxxxxxxxxxxxxx>

Best regards,
Watanabe


On Tue, 26 Sep 2006 19:23:47 +0100, Ian Pratt wrote:

Thanks all point about security, I'll do as follows.
I thought that the point was the following two.
1. Storage place of encrypted password
  Should I store it in /etc/xen/passwd ?
Or, should I wait for DB of Xen that will be released inthe future?

The xend life cycle management patches were posted by Alistair a couple
of months back. They'll go in early in the 3.0.4 cycle.

  In the latter case, the release time and information, I want you to
  teach it.
  Now, I think we have no choice but to use /etc/xen/passwd.

In the mean time, I'd just out them in the domain config file and change
the default permissions and ownership.

2. Method of Xen VNC Server receiving stored password
By way of xenstore. However, it is necessary to considerxenstore-ls.

It can be passed transiently (i.e. it gets deleted from the store by
qemu-dm)
You need to be root to run xenstore-ls so I'm comfortable with this.

Ian

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Xen-devel] Individual passwords for guest VNC servers ?, (continued) Re: [Xen-devel] Individual passwords for guest VNC servers ?, Daniel P. Berrange RE: [Xen-devel] Individual passwords for guest VNC servers ?, Ian Pratt Re: [Xen-devel] Individual passwords for guest VNC servers ?, Anthony Liguori Re: [Xen-devel] Individual passwords for guest VNC servers ?, Daniel P. Berrange RE: [Xen-devel] Individual passwords for guest VNC servers ?, Masami Watanabe Re: [Xen-devel] Individual passwords for guest VNC servers ?, Anthony Liguori Re: [Xen-devel] Individual passwords for guest VNC servers ?, Masami Watanabe RE: [Xen-devel] Individual passwords for guest VNC servers ?, Ian Pratt RE: [Xen-devel] Individual passwords for guest VNC servers ?, Masami Watanabe [Xen-devel] [PATCH][Take 2] VNC authentification, Masami Watanabe [Xen-devel] Re: [PATCH][Take 2] VNC authentification, Anthony Liguori <= [Xen-devel] Re: [PATCH][Take 2] VNC authentification, masami . watanabe [Xen-devel] Re: [PATCH][Take 2] VNC authentification, Daniel P. Berrange [Xen-devel] Re: [PATCH][Take 2] VNC authentification, Masami Watanabe

Previous by Date:	[Xen-ia64-devel] Re: [Xen-devel] IPF/Xen VTI domain testing report for Xen 3.0.3 RC1, Keir Fraser
Next by Date:	Re: [Xen-devel] Testing Report for Xen 3.0.3 rc1, Steven Smith
Previous by Thread:	[Xen-devel] [PATCH][Take 2] VNC authentification, Masami Watanabe
Next by Thread:	[Xen-devel] Re: [PATCH][Take 2] VNC authentification, masami . watanabe
Indexes:	[Date] [Thread] [Top] [All Lists]