[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [PATCH] xen-2.0: privileged port connections

To: Xen development list <xen-devel@xxxxxxxxxxxxxxxxxxxxx>
From: Kurt Garloff <garloff@xxxxxxx>
Date: Wed, 23 Mar 2005 13:36:39 +0100
Delivery-date: Wed, 23 Mar 2005 14:37:01 +0000
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>

Hi,

as discussed previously, I went ahead and introduced a setting that
allows you to restrict the stuff you can when controlling xen by
connecting to the port 8000 unless you connect from a privileged
port.

I did not yet bother to look at the event port nor did I try to address
the consoles. The consoles will be done in a second patch if this 
approach is deemed appropriate. 

Note that I also do still allow unprivileged connections still to gather
most of the information. This can be debated, but I'm not such a big fan
of security by obscurity.

I hope I did not miss anything important for the control stuff.

The patch also fixes one typo (missing ") in SrvNode.py.

Regards,
-- 
Kurt Garloff                   <kurt@xxxxxxxxxx>             [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Director)    <garloff@xxxxxxx>            [Novell Inc]

Attachment: xen-secure.diff
Description: Text document

Attachment: pgpzNoSrc5tTh.pgp
Description: PGP signature

Follow-Ups:
- Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections
  - From: David Hopwood
- Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections
  - From: Anthony Liguori

Prev by Date: Re: [Xen-devel] [PATCH] libxen-3.0 (libxc rewrite)
Next by Date: Re: [Xen-devel] domain state blocked?
Previous by thread: [Xen-devel] CONFIG_IP_PNP_DHCP=y
Next by thread: Re: [Xen-devel] [PATCH] xen-2.0: privileged port connections
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.