Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU moni

To:	<caglar@xxxxxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
Subject:	Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server
From:	Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date:	Sat, 19 May 2007 12:52:26 +0100
Cc:	"Daniel P. Berrange" <berrange@xxxxxxxxxx>
Delivery-date:	Sat, 19 May 2007 04:49:22 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
In-reply-to:	<200705191448.37624.caglar@xxxxxxxxxxxxx>
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AceaDCtLagHaYAX/EdyARQAWy6hiGQ==
Thread-topic:	[Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server
User-agent:	Microsoft-Entourage/11.3.3.061214

On 19/5/07 12:48, "S.Çağlar Onur" <caglar@xxxxxxxxxxxxx> wrote:

>>> Same patch applies cleanly on Xen-3.1.0, is it forgetton?
>> 
>> The patch is in 3.1.0.
> 
> Hmm, is that solved another way? Cause according to HG history its first
> committed [1] then reverted [2]?

There's a 'monitor' option in the domain config file, which can be used to
enable the monitor over VNC. It defaults to off, for security, of course.

 -- Keir

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

WARNING - OLD ARCHIVES

xen-devel

Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in V