WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users

from [Anthony Liguori] [Permanent Link][Original]
To: david.nospam.hopwood@xxxxxxxxxxxxxxxx
Subject: Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users
From: Anthony Liguori <aliguori@xxxxxxxxxx>
Date: Sat, 05 Mar 2005 01:54:52 -0600
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 05 Mar 2005 07:58:37 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
In-reply-to: <42292428.6040307@xxxxxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Organization: IBM
References: <Pine.LNX.4.58.0503041118010.13626@xxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <1109962904.2746.12.camel@localhost> <4228B4D3.8020909@xxxxxxxxxxxxx> <1109965655.3355.8.camel@localhost> <42292428.6040307@xxxxxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (X11/20041206) 
David Hopwood wrote:


There are several techniques you could be referring to:

<http://www.whitefang.com/sup/secure-faq.html#LOCAL4>
<http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/sockets.html>
but they all sound to me like complicated and nonportable hacks. Which one 
did you mean?
SCM_CREDENTIALS on Linux, SCM_CREDS on some versions of BSD, SO_PEERNAME on some other Unices.
They all do just about the same thing. Just have to choose the right mechanism at compile time. 

Regards,
Anthony Liguori



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] network stability with 100Mbit, Kip Macy
Next by Date:  Re: [Xen-devel] compiling Xen on x86_64 machines, Franck
Previous by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, David Hopwood
Next by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, Adam Heath
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy