This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users

On Sat, Mar 05, 2005 at 04:53:18PM -0500, Rik van Riel wrote:
> Indeed.  I guess I need to think about restricting connections
> to xend to localhost only - and maybe even through a unix
> domain socket instead of a tcp socket ...

This are my thoughts about this problem:

----- Forwarded message from Bastian Blank <waldi@xxxxxxxxxx> -----

Date: Sat, 5 Mar 2005 13:38:11 +0100
Subject: proposal for xend communication

I tried to construct a secure-by-default communication between xm and
xend and for access to the consoles.

Communication channels:
 * Configuration: UNIX/TCP socket with the possibility to connect to consoles.
   (This may violate the HTTP protocol.)
 * Console: UNIX/TCP socket.
 * Migration: TCP socket.

By default only the configuration unix socket is enabled and secured by
filesystem permissions on the containing directory. Anything else needs
to be enabled in the config. The domain console option is predefined as

The domain config console option is changed to a socket spec.
(Examples: 'unix:/tmp/bla', 'tcp::6703', 'tcp:',

Don't know yet how to specify the configuration and migration sockets in
the overall config.

----- End forwarded message -----


He's dead, Jim.
                -- McCoy, "The Devil in the Dark", stardate 3196.1

Attachment: signature.asc
Description: Digital signature

<Prev in Thread] Current Thread [Next in Thread>