WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 

xen-users

Re: [Xen-users] XCP: Insecure Distro ?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] XCP: Insecure Distro ?
From: Randy Katz <rkatz@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, 09 May 2011 17:26:26 -0700
Delivery-date: Mon, 09 May 2011 17:27:52 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <1549157327245455469@unknownmsgid>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <BANLkTinHQJ_eUtfk+4PQudpZX8ZpoEu1yg@xxxxxxxxxxxxxx> <4DC85999.8020407@xxxxxxxx> <BANLkTi=jZGRZ=w+tFBxD0pJ5WKYuirPuRw@xxxxxxxxxxxxxx> <1549157327245455469@unknownmsgid>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.17) Gecko/20110414 Lightning/1.0b2 Thunderbird/3.1.10

Why is flaming always the first line with you people? He brought up 2 very important issues in the
form of questions which should be addressed:

1. Security flaw in XCP?
2. Where are the patches/updates going to come from and how?

If you want to flame someone go ahead and flame me, but Adrien's questions seem sincere and important!

Regards,
Randy Katz

On 5/9/2011 2:51 PM, Chris Petrolino wrote:
Do you know how many "commercial" Linux based appliances there are out
there? How many of them follow the patch cycle of the Linux flavor
they are based on?

Have you offered the community any suggestions on how to improve the
security model of XCP? We are all ears.

As for updates not having the potential to break things, I strongly disagree.

Kind Regards,

Christopher James Petrolino


On May 9, 2011, at 5:30 PM, Adrien Guillon <aj.guillon@xxxxxxxxx> wrote:

Security updates are common, and generally do not make major interface
changes by design.  I have no desire to update anything aside from
receiving fixes for buffer overflows, or other exploits that are found
in the wild.  The system in question should be in production for
several years, and security patches are inevitable during that period
of time.

It likely took some effort to eliminate /etc/shadow in the first
place, as this has been standard practice for a very long time.  I
will not debate the merits of storing hashes in /etc/passwd or
/etc/shadow because that debate ended a very long time ago.  Quite
simply this distro has a major security flaw.


On Mon, May 9, 2011 at 5:16 PM, riki <phobie@xxxxxxxx> wrote:
Well, you are right from the multi-user point of view regarding the passwd
file, but XCP is designed as an appliance; the xe utility or something speaking
xapi is a way of interfacing with it, and no user other than root should access dom0.

Updates are a question of stability; I hope you do not want to risk a reload of
all your VMs due to libc changes or something like that :).  You need to
update what? Xen hypervisor? Openvswitch, xapi toolstack? Everything should
be locked down on lower levels (network access to dom0, physical access to
appliances).

Try to change the point of view and stop looking at it as a standard
multiuser Linux environment.

r.

On 05/09/2011 10:41 PM, Adrien Guillon wrote:
Hello mailing list!

I have been working with XCP a little bit, and I have the impression
that this distro is insecure.  First, it does not look like update
repositories are enabled inside /etc/yum.repos.d, although I'm from an
apt background so I may be misinterpreting that.  Where will my
security updates come from?

Next, it appears that the root password hash is directly stored inside
/etc/passwd, which is set to world-readable!  There does not appear to
be an /etc/shadow file at all.

Unfortunately I am dropping the distro entirely due to security
concerns, I hope that these problems can be fixed.

AJ

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
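
Added example, not part of the original thread: a shell check for the condition reported in the first message (password hashes in a world-readable /etc/passwd and no /etc/shadow). The function names and the sample passwd file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag password hashes stored in a
# world-readable passwd file, the condition reported for XCP's dom0.

# Names of accounts whose password field holds a hash, i.e. anything other
# than empty, the shadow placeholder "x", or a lock marker (* or !).
accounts_with_inline_hash() {
    awk -F: '$2 != "" && $2 != "x" && $2 !~ /^[*!]/ { print $1 }' "$1"
}

# True when the "other" read bit is set on the file.
world_readable() {
    [ -n "$(find "$1" -prune -perm -004)" ]
}

# Print findings; the return status is the number of findings.
audit_passwd() {
    passwd_file=$1; shadow_file=$2; findings=0
    inline=$(accounts_with_inline_hash "$passwd_file" | tr '\n' ' ')
    if [ -n "$inline" ] && world_readable "$passwd_file"; then
        echo "FAIL: hashes readable by any local user: $inline"
        findings=$((findings + 1))
    fi
    if [ ! -e "$shadow_file" ]; then
        echo "FAIL: $shadow_file not present"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Constructed sample: root carries an inline hash (a placeholder, not a real
# one), daemon is locked, and no shadow file exists beside it.
make_sample() {
    cat > "$1/passwd" <<'EOF'
root:$1$CONSTRUC$PLACEHOLDERHASH0000000:0:0:root:/root:/bin/bash
daemon:*:2:2:daemon:/sbin:/sbin/nologin
EOF
    chmod 644 "$1/passwd"
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir"
audit_passwd "$demo_dir/passwd" "$demo_dir/shadow" || echo "findings: $?"
rm -rf "$demo_dir"
```

On a live host the call is `audit_passwd /etc/passwd /etc/shadow`; a nonzero return status is the number of findings.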