WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] protecting xen startup

from [Charles Coffing] [Permanent Link][Original]
To: <xen-devel@xxxxxxxxxxxx>, <lkcl@xxxxxxxx>
Subject: Re: [Xen-devel] protecting xen startup
From: "Charles Coffing" <ccoffing@xxxxxxxxxx>
Date: Tue, 23 Nov 2004 10:33:31 -0700
Delivery-date: Tue, 23 Nov 2004 17:35:06 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx 
Right, xend is just an HTTP interface to Xen via system calls or ioctls 
(xend <--> linux <--> Xen).

There's also a daemon (xfrd) running on 8002.

There currently is no authentication on either port.

In the source tree, look at docs/misc/xend.tex, although some details
are out of date.


HTH,
Charles
 
 
>>>Luke Kenneth Casson Leighton <lkcl@xxxxxxxx> 11/23/04 10:05 am >>> 
hi, 
 
i notice that there's a management interface on port 8000. 
 
i seek to protect this interface such that nothing but a trusted program

(think selinux) may run, manage, start up or shut down xen oses. 
 
so: where can i find out information about the structure of the 
xen management interface? 
 
is the port 8000 stuff just providing a web server (/etc/init.d/xend) 
front-end to some extra system calls? 
 
is the port 8000 stuff actually running in the xen boot-up stuff? 
 
if it's some extra system calls that's very good because it will be 
possible to add selinux security hooks to protect each system call. 
 
ta, 
 
l. 
 
-- 
-- 
<a href="http://lkcl.net";>http://lkcl.net</a> 
-- 
 
 
------------------------------------------------------- 
SF email is sponsored by - The IT Product Guide 
Read honest & candid reviews on hundreds of IT Products from real users.

Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/ 
 
Xen-devel mailing list 
Xen-devel@xxxxxxxxxxxxxxxxxxxxx 
https://lists.sourceforge.net/lists/listinfo/xen-devel 


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] double or triple access to ext2, ext3 or other partitions, Mark Williamson
Next by Date:  Re: [Xen-devel] memory and cpu usage, Rik van Riel
Previous by Thread:  Re: [Xen-devel] protecting xen startup, Mark Williamson
Next by Thread:  Re: [Xen-devel] protecting xen startup, Mike Wray
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy