WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

Re: [Xen-devel] [PATCH] Scrub vnc password for vfb

To: Masaki Kanno <kanno.masaki@xxxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] Scrub vnc password for vfb
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: Tue, 05 Feb 2008 08:45:10 +0000
Delivery-date: Tue, 05 Feb 2008 00:45:04 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <48C867CB54FB42kanno.masaki@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Achn02pYqSyTjtPGEdyPeQAWy6hiGQ==
Thread-topic: [Xen-devel] [PATCH] Scrub vnc password for vfb
User-agent: Microsoft-Entourage/11.3.6.070618
This leads to a question -- should xend.log (and our other log files) be
world readable in the first place?

If we want to change it we may have to hack the logging package a bit, as it
seems that Python's open() function calls fopen() which does not allow you
to manually specify access permissions. Although we could have xend set its
umask to 0770. Maybe that would break other stuff though?

 -- Keir

On 5/2/08 07:47, "Masaki Kanno" <kanno.masaki@xxxxxxxxxxxxxx> wrote:

> Hi,
> 
> I saw the vnc password in xend.log as follows.
> 
> [2008-02-05 10:35:08 6412] DEBUG (DevController:119) DevController:
> writing {'vncunused': '1', 'domain': 'rhel4VTI', 'frontend': '/local/
> domain/1/device/vfb/0', 'uuid': 'e8e7f9db-e104-7d4a-36bd-d5f09ab34378',
> 'vncpasswd': 'test', 'state': '1', 'online': '1', 'frontend-id': '1',
> 'type': 'vnc'} to /local/domain/0/backend/vfb/1/0.
> 
> This patch scrubs it as follows.
> 
> [2008-02-05 16:23:23 11188] DEBUG (DevController:120) DevController:
> writing {'vncunused': '1', 'domain': 'rhel4VTI', 'frontend': '/local/
> domain/2/device/vfb/0', 'uuid': '53f05d3f-9994-bdd7-2293-d60c22b0568b',
> 'vncpasswd': 'XXXXXXXX', 'state': '1', 'online': '1', 'frontend-id': '2',
> 'type': 'vnc'} to /local/domain/0/backend/vfb/2/0.
> 
> 
> Signed-off-by: Masaki Kanno <kanno.masaki@xxxxxxxxxxxxxx>
> 
> Best regards,
>  Kan
> 
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-devel



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread] Current Thread [Next in Thread>