[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users


On Thu, Mar 17, 2005 at 08:46:51AM +0200, Tommi Virtanen wrote:
> There's a simple reason why that's not really what you want.
> Imagine two security-sensitive services, with different sets of
> allowed users. Using UNIX domain sockets with filesystem access
> control allows using two groups to list the allowed users for each
> service -- using <1024 source port does not.

It does.
The frontend (that would acquire the privileged socket) would need
to be setuid root for this and then could enforce whatever policies,
much more flexible than the Unix group membership model if you want.

Best regards,
Kurt Garloff                   <kurt@xxxxxxxxxx>             [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Director)    <garloff@xxxxxxx>            [Novell Inc]

Attachment: pgpbIU9QTPOcA.pgp
Description: PGP signature



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.