[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] protecting xen startup



On Tue, Nov 23, 2004 at 06:07:52PM +0000, Mark Williamson wrote:
> >i notice that there's a management interface on port 8000.
> 
> There are currently two HTTP-based management interfaces.  Once of them is 
> the Xensv web interface, the other is the Xend HTTP-based API, which is 
> used by both the command line xm tool and Xensv to issue commands to Xend.
> 
> >i seek to protect this interface such that nothing but a trusted program
> >(think selinux) may run, manage, start up or shut down xen oses.
> 
> Currently, anyone who can access Xend's port can issue management 
> commands.  Xend can optionally be configured to only accept connections 
> from localhost, in which case only local users will be able to issue 
> commands to it.

 okay.

 is there anything preventing that interface from being removed, such
 that the client/server bit is munged into a single application?

> >is the port 8000 stuff just providing a web server (/etc/init.d/xend)
> >front-end to some extra system calls?
> 
> Not exactly.  At the Linux Level, there aren't any extra Xen system calls. 
> Most commands are issued to Xen by performing ioctls on the 
> /proc/xen/privcmd file.  

 GREAT.

 that means that it will be possible to lock down at the very least the
 access to /proc/xen and later, should it prove worthwhile, to protect
 each ioctl with a new selinux security id per ioctl command.

> The commands which are issued through this file 
> are largely transparent to XenLinux however, having meaning only when they 
> are parsed by Xen.

 ... that kinda goes without saying :)

> >is the port 8000 stuff actually running in the xen boot-up stuff?
> 
> Xend starts its HTTP interface when it starts up and will do anything the 
> HTTP interface tells it to do.  If Xend isn't running then the HTTP 
> interface is not accessible (but you can't do a lot without Xend).
 
 ... but there's nothing to prevent the merging of the xend and the xm
 programs, bypassing the use of HTTP, right?

 ta,

 l.



-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.