WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

Re: [Xen-users] XCP: Insecure Distro ?

from [A Cold Penguin]

[Permanent Link][Original]

To:	<xen-users@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: [Xen-users] XCP: Insecure Distro ?
From:	A Cold Penguin <verycoldpenguin@xxxxxxxxxxx>
Date:	Tue, 10 May 2011 07:16:12 +0000
Delivery-date:	Tue, 10 May 2011 00:17:48 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
Importance:	Normal
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx

> The points highlighted don't represent security risks if the dom0 is
> properly isolated on a secure management network.

Unfortunately there are some situations where even having an air-gap between networks, is not considered secure enough.
Having the password hashes in world-readable files is basically a no-no, and would mean that this product could not go into production use.
Basically this appears to be a relaxation in security against the 'norm', if this is only required due to keeping different pool members in sync,
I think that investigation should be made into an alternative method of synchronising the members.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [Xen-users] XCP: Insecure Distro ?, (continued) Re: [Xen-users] XCP: Insecure Distro ?, Jonathan Tripathy Re: [Xen-users] XCP: Insecure Distro ?, riki Re: [Xen-users] XCP: Insecure Distro ?, Adrien Guillon Re: [Xen-users] XCP: Insecure Distro ?, Chris Petrolino Re: [Xen-users] XCP: Insecure Distro ?, Randy Katz Re: [Xen-users] XCP: Insecure Distro ?, Christopher J Petrolino Re: [Xen-users] XCP: Insecure Distro ?, Eduardo Bragatto Re: [Xen-users] XCP: Insecure Distro ?, Joseph Glanville Re: [Xen-users] XCP: Insecure Distro ?, Christopher J Petrolino Re: [Xen-users] XCP: Insecure Distro ?, Fajar A. Nugraha Re: [Xen-users] XCP: Insecure Distro ?, A Cold Penguin <= Re: [Xen-users] XCP: Insecure Distro ?, Joseph Glanville RE: [Xen-users] XCP: Insecure Distro ?, admin Re: [Xen-users] XCP: Insecure Distro ?, Adrien Guillon Re: [Xen-users] XCP: Insecure Distro ?, Fajar A. Nugraha Re: [Xen-users] XCP: Insecure Distro ?, Jonathan Tripathy Re: [Xen-users] XCP: Insecure Distro ?, Jonathan Tripathy Re: [Xen-users] XCP: Insecure Distro ?, Michael South Re: [Xen-users] XCP: Insecure Distro ?, Michael South Re: [Xen-users] XCP: Insecure Distro ?, Adrien Guillon Re: [Xen-users] XCP: Insecure Distro ?, Michael South

Previous by Date:	Re: [Xen-users] virt-install error while starting vm installation on Centos 5.5, xen3.2, Mithun Gore
Next by Date:	Re: [Xen-users] Intermittent network in HVM domU, Mark Dokter
Previous by Thread:	Re: [Xen-users] XCP: Insecure Distro ?, Fajar A. Nugraha
Next by Thread:	Re: [Xen-users] XCP: Insecure Distro ?, Joseph Glanville
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix