WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] Finer access control framework over users, domains and o

from [Ian Jackson] [Permanent Link][Original]
To: Syunsuke HAYASHI <syunsuke@xxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] Finer access control framework over users, domains and operations.
From: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Date: Fri, 30 May 2008 14:41:59 +0100
Cc: xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 30 May 2008 06:42:30 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <483FD017.3010008@xxxxxxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
References: <48311B5E.2060100@xxxxxxxxxxxxxx> <18481.21663.161348.181541@xxxxxxxxxxxxxxxxxxxxxxxx> <483FD017.3010008@xxxxxxxxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
Syunsuke HAYASHI writes ("Re: [Xen-devel] Finer access control framework over 
users,    domains and operations."):
> We understand that the implementation of the ACM on the web layer is easy.
> But we think that basic control tools of Xen (xm and libvirt) also need 
> the ACM

I see.  Why ?

> It is necessary to realize the ACM which considers users, domains and 
> operations.
> We only know ways that control by the unit of users or processes.
> Please let us know if there are other tools or ways that realize the ACM.

I'm not sure what you mean by `realise the ACM'.  Earlier you said
`ACM' stood for `Access Control Module' which I'll take to assume
means just some kind of access control facility.  I assume `realise'
means `have.

So you seem to be saying that you need an access control facility that
`considers users, domains and operations'.  That kind of access
control seems to be exactly what is easily done at a web ui layer, as
I said.

Perhaps `Access Control Module' means something more specific.  If so
then what kind of something ?  And why do you need that rather than
another solution ?

It would be most helpful if you described your ultimate objectives, in
a solution-neutral way.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass, Ian Jackson
Next by Date:  Re: [Xen-devel] [PATCH] Add xen_phys_start value in the crash info note, Keir Fraser
Previous by Thread:  Re: [Xen-devel] Finer access control framework over users, domains and operations., Syunsuke HAYASHI
Next by Thread:  [Xen-devel] [PATCH] Fix showing of CPU Affinity by xm vcpu-list, Masaki Kanno
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy