WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-devel

[Top] [All Lists]

Re: [Xen-devel] Instant Xen guest (guest-magic tool)

from [Steve Kemp]

[Permanent Link][Original]

To:	Gaurav Maheshbhai Patel <gmpatel@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: [Xen-devel] Instant Xen guest (guest-magic tool)
From:	Steve Kemp <steve@xxxxxxxxxxxx>
Date:	Sun, 15 Apr 2007 01:19:06 +0100
Cc:	xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Sat, 14 Apr 2007 17:17:57 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<f515dd3a12b.4620a42e@xxxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References:	<f3899b7e228e.461c06f2@xxxxxxxxxxxxxxxxxxx> <20070411090617.GA24664@xxxxxxxxxxxx> <f45a617d6bae.461ce89b@xxxxxxxxxxxxxxxxxxx> <20070411224200.GA18960@xxxxxxxxxxxx> <fc7a6e411b6a.461e236b@xxxxxxxxxxxxxxxxxxx> <20070412185212.GA1484@xxxxxxxxxxxx> <f515dd3a12b.4620a42e@xxxxxxxxxxxxxxxxxxx>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mutt/1.5.13 (2006-08-11)

On Sat, Apr 14, 2007 at 09:51:42AM -0500, Gaurav Maheshbhai Patel wrote:

> The comment on /tmp/guestmagic was really good.
> I was wondering what if we use /tmp/$$ 
> 
> >     commands.getoutput('xm list > /tmp/$$')
> 
> Is it create the same problem as /tmp/guestmagic?

  Pretty much.  Process IDs are still *predictable* since they
 tend to be sequential under most systems.

  Still this is better than a static name.  You should really
 use a pipe.  If you can't then use a secure filename which
 can't be guessed by a local user.

  This is pretty off-topic for the xen list though, so I'll
 just suggest you look at the Secure Programming Howto:

    http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html

 Specifically the section on temporary files being used in 
 races.

Steve
-- 

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel Re: [Xen-devel] Instant Xen guest (guest-magic tool), Steve Kemp Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel Re: [Xen-devel] Instant Xen guest (guest-magic tool), Steve Kemp Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel Re: [Xen-devel] Instant Xen guest (guest-magic tool), Steve Kemp Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel Re: [Xen-devel] Instant Xen guest (guest-magic tool), Steve Kemp <= Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel Re: [Xen-devel] Instant Xen guest (guest-magic tool), Tom Wisniewski

Previous by Date:	[Xen-devel] Re: Adding PTE Flag during Page Fault, Joe Laws
Next by Date:	RE: [Xen-devel] question on get_page_and_type(), Ian Pratt
Previous by Thread:	Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel
Next by Thread:	Re: [Xen-devel] Instant Xen guest (guest-magic tool), Gaurav Maheshbhai Patel
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix