|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] xm create as root vs xm destroy as normal user
On Mon, 2005-06-27 at 12:42 -0500, Bob Tanner wrote: > On Saturday 25 June 2005 06:52 pm, Kip Macy wrote: > > There is currently no notion of capabilities. In 3.0 the default > > communication path between xm and xend is now a unix domain socket so > > by default only root can execute xm commands. > > I'm sorry, I do not understand the answer. The "no notion of capabilities", > does that mean "yes, non-root users can stop Xen sessions in 2.x"? It means that there was no security whatsoever on the communication channel to xend. AFAIK, anyone who could connect to a local port was permitted to issue any commands to xend, including stopping a Xen session. That is fixed in Xen 3.0 by using a unix domain socket by default, which can have filesystem permissions set on it. If you need some protection in Xen 2.0, you should set up firewall rules to restrict access to the xend port (and the various domain console ports as well); iptables can filter on local user/group information, which might be useful for that purpose. - Josh Triplett _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |