|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] I/O port access permission
On 1 Aug 2006, at 16:02, Jan Beulich wrote: Isn't it inconsistent (and perhaps to be considered a security hole) that construct_dom0() specifically revokes access for a small group of ports, but DOM0_IOPORT_PERMISSION blindly grants access to any ports (including the 'special' ones) and any domain? Thanks, Jan The intention was sane start-of-day settings, not absolute security. We could add an 'absolutely no access' rangeset but it's not clear it's worth it. -- Keir _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |