[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [PATCH resend] allow connecting to xenconsole from remote hosts



On Tue, Sep 26, 2006 at 06:43:32PM +0100, Keir Fraser wrote:
> On 26/9/06 17:08, "Muli Ben-Yehuda" <muli@xxxxxxxxxx> wrote:
> 
> > I can certainly do that - in fact, that's what I started with. But
> > even the current xenconsole code suffers from the theoretical problem
> > mentioned above of writing to an fd without checking that it is
> > writable first. All it takes to exploit it is to run `xenconsole |
> > <socket>' and make the system run out of memory so that the socket is
> > temporarily not writable. Granted, if this happens you have bigger
> > problems, but why not do things right?
> 
> I don't believe such a problem exists with the current console code.
> 
> We only write() to the tty_fd if it is in the set of writefds after the
> select() call in handle_io().

Hmm? you're looking at the console daemon code and referring to the
pty between the console daemon and client. I'm talking about the
console client and referring the to other fd in use, which is either
stdin/stdout (tty mode) or a socket (--remote mode). Sorry if I wasn't
clear before - the buffering on the console client side isn't
necessary between the daemon and the client, it's necessary between
the client and the "outside world". The code buffers both fds since
it's simpler than special casing one of them.

Cheers,
Muli

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.