WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C xenstore c

from [Keir Fraser] [Permanent Link][Original]
To: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>, Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C xenstore client libs.
From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Date: Fri, 2 Jul 2010 18:43:39 +0100
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
Delivery-date: Fri, 02 Jul 2010 10:44:36 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <19502.6363.477323.378577@xxxxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcsaBtRzq5y8nRFrRSultmtjOKgHiQAB0ZAu
Thread-topic: [Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C xenstore client libs.
User-agent: Microsoft-Entourage/12.24.0.100205 
On 02/07/2010 17:50, "Ian Jackson" <Ian.Jackson@xxxxxxxxxxxxx> wrote:

> Tim Deegan writes ("[Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C
> xenstore client libs."):
>> The OCaml xenstored supports the XS_RESTRICT operation, which
>> deprivileges a dom0 xenstore connection so it can only affect one
>> domain's entries.   Add the relevant definitions to the C libraries
>> so that callers can use it.
> 
> Can you explain what this is for, please ?  If it's for security
> against a hostile caller, what prevents the caller from simply opening
> another xenstore connection ?

A daemon like qemu-dm can do privileged things like opening a xenstore
connection, and then deprivilege itself via setuid() before handling I/O
requests and exposing itself on that particular attack front. XS_RESTRICT
allows such a service to further and more precisely deprivilege itself.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: [Xen-devel] Re: [PATCH 0/12] PV on HVM Xen, Stefano Stabellini
Next by Date:  [Xen-devel] Re: [PATCH] AMD OSVW (OS Visible Workaround) for Xen, Keir Fraser
Previous by Thread:  Re: [Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C xenstore client libs., Ian Jackson
Next by Thread:  [Xen-devel] [PATCH] pygrub: fix a typo, Tim Deegan
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy