[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] PATCH: CVE-2007-0998: Remove access to QEMU monitor in VNC server

On 19/5/07 12:48, "S.ÃaÄlar Onur" <caglar@xxxxxxxxxxxxx> wrote:

>>> Same patch applies cleanly on Xen-3.1.0, is it forgetton?
>> The patch is in 3.1.0.
> Hmm, is that solved another way? Cause according to HG history its first
> committed [1] then reverted [2]?

There's a 'monitor' option in the domain config file, which can be used to
enable the monitor over VNC. It defaults to off, for security, of course.

 -- Keir

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.