|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] protecting xen startup
On Wed, Nov 24, 2004 at 03:24:02PM +0000, Luke Kenneth Casson Leighton wrote: > where xen->sid contains "xen_vm_0_t", "xen_vm_1_t" etc. > and tsec->sid contains "xen_xm_bin_t" - representing the xen control > binary /usr/bin/xm. > > the question i can't answer (the bit that i don't quite grok) is > how do you get hold of the right xen_info struct and how do you blat > the sid into it? sorry to be replying to my own message with another question, but would it be reasonable to have a function which adds some state info into the VM? what i mean by that is, would it be reasonable to add some functions xen_get_selinux_sid and xen_set_selinux_sid which are effectively the same as ext2/3 get and set xattrs "security.selinux"? such that it would be possible, on creation of a new xen guest session, to associate a SID with that session (e.g. "xen_vm_0_t") and then to be able to retrieve it again in the ioctls? l. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |