WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
xen-devel

Re: [Xen-devel] [PATCH] xenstored: allow guests to reintroduce themselves

To: Vincent Hanquez <vincent.hanquez@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] [PATCH] xenstored: allow guests to reintroduce themselves
From: Olaf Hering <olaf@xxxxxxxxx>
Date: Tue, 9 Aug 2011 12:49:56 +0200
Cc: "xen-devel@xxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxx>
On Tue, Aug 09, Vincent Hanquez wrote:

> What about security-wise?

It's not about security, just the usual UNIX gun->foot thing.

> Guest userspace suddenly becomes able to do this operation (and DoS themselves)
> where they used to be limited to normal read/write/.. operations.

The guest userspace does most likely not talk to xenstored directly.
Whatever acts as the proxy could filter the XS_INTRODUCE command.

> Also you're changing the C xenstored behavior without changing
> the OCaml one.

I better leave that to the maintainers of that code.

Olaf
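
The proxy-side filtering mentioned in the reply above, as an added example that is not part of the original message or of Xen's code: it walks a guest-to-xenstored byte stream message by message and forwards everything except XS_INTRODUCE. The header layout and type values follow Xen's public `io/xs_wire.h`; `filter_guest_stream`, `filter_result`, `put_msg`, `demo` and the sample payloads are hypothetical, constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Wire header and request type values as in Xen's public io/xs_wire.h. */
struct xsd_sockmsg { uint32_t type, req_id, tx_id, len; };
enum { XS_READ = 2, XS_INTRODUCE = 8 };
#define XENSTORE_PAYLOAD_MAX 4096

struct filter_result { long bytes; unsigned dropped; };  /* bytes == -1: malformed */

/* Hypothetical proxy hook: copy guest requests from in[] to out[], skipping
 * XS_INTRODUCE. A real proxy would also send the guest an error reply. */
struct filter_result filter_guest_stream(const uint8_t *in, size_t in_len,
                                         uint8_t *out, size_t out_cap)
{
    struct filter_result r = { 0, 0 }, bad = { -1, 0 };
    size_t off = 0;
    while (off < in_len) {
        struct xsd_sockmsg h;
        if (in_len - off < sizeof h) return bad;      /* truncated header */
        memcpy(&h, in + off, sizeof h);
        /* Reject oversized payloads and payloads that run past the input. */
        if (h.len > XENSTORE_PAYLOAD_MAX || h.len > in_len - off - sizeof h) return bad;
        size_t total = sizeof h + h.len;
        if (h.type == XS_INTRODUCE) {
            r.dropped++;                              /* never reaches xenstored */
        } else {
            if (out_cap - (size_t)r.bytes < total) return bad;
            memcpy(out + r.bytes, in + off, total);
            r.bytes += (long)total;
        }
        off += total;
    }
    return r;
}

/* Builds one constructed sample message (req_id 1, no transaction). */
static size_t put_msg(uint8_t *buf, uint32_t type, const char *pl, uint32_t len)
{
    struct xsd_sockmsg h = { type, 1, 0, len };
    memcpy(buf, &h, sizeof h);
    memcpy(buf + sizeof h, pl, len);
    return sizeof h + len;
}

/* Constructed stream: READ "name", INTRODUCE "5" "1234" "7", READ "vm";
 * `cut` trims bytes off the end to exercise the malformed-stream path. */
struct filter_result demo(size_t cut)
{
    uint8_t in[128], out[128];
    size_t n = put_msg(in, XS_READ, "name", 5);
    n += put_msg(in + n, XS_INTRODUCE, "5\0001234\0007", 9);
    n += put_msg(in + n, XS_READ, "vm", 3);
    return filter_guest_stream(in, n - cut, out, sizeof out);
}
```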
