[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] regarding privileges

To: Ian Pratt <Ian.Pratt@xxxxxxxxxxxx>
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: Sat, 25 Oct 2003 11:32:33 +0100
Cc: Paul Boehm <paul@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Sat, 25 Oct 2003 11:43:46 +0100
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>

> That's a fair point. The intention is to split up the 'privilege'
> in to a bit mask to enable finer grained control and granting of
> specific privileges to domains, (like the 'CAP_*' stuff in
> Linux). It should be a fairly simple task to split the privileges
> up -- one for the todo list.

Yes, this needs to be considered at the same time we refactor the Xen
hypercall interface. eg. perhaps not all current dom0_ops should be
dom0_ops (access should instead be controlled by some other
capability). Adjusting it so that access to each `privileged'
hypercall is controlled by one capability each might be neat, and help
work out a neat rearrangement for the hypercalls.

 -- Keir


-------------------------------------------------------
This SF.net email is sponsored by: The SF.net Donation Program.
Do you like what SourceForge.net is doing for the Open
Source Community?  Make a contribution, and help us add new
features and functionality. Click here: http://sourceforge.net/donate/
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

Follow-Ups:
- [Xen-devel] Help
  - From: QuickNet

References:
- Re: [Xen-devel] regarding privileges
  - From: Ian Pratt

Prev by Date: Re: [Xen-devel] Support for mii_xxx functions?
Next by Date: [Xen-devel] Help
Previous by thread: Re: [Xen-devel] regarding privileges
Next by thread: [Xen-devel] Help
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.