[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] problem of the permissions system in xenstore

To: Max Zhen <Max.Zhen@xxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
From: Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date: Wed, 01 Nov 2006 11:03:32 +0000
Delivery-date: Thu, 02 Nov 2006 13:38:43 -0800
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Thread-index: Acb9pV5KnL9F/GmYEduzowAX8io7RQ==
Thread-topic: [Xen-devel] problem of the permissions system in xenstore

On 1/11/06 10:32, "Max Zhen" <Max.Zhen@xxxxxxx> wrote:

> Is it a bug that a domU has no read permission to a path while has read
> permission to a path under it?

No that is valid, but the xenstored code is also quite anal about letting
untrusted clients know about presence/absence of nodes in subtrees for which
it has no access permissions. This case is obviously a bug -- a watch should
fire when a watched node disappears, even if the watcher cannot tell the
difference between that and the node being inaccessible.

I presume you have already tracked this down in xenstored. Can you make a
patch?

 -- Keir

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

References:
- [Xen-devel] problem of the permissions system in xenstore
  - From: Max Zhen

Prev by Date: [Xen-devel] Specjbb in ~gdunlap
Next by Date: Re: [Xen-devel] [PATCH] [XM-TEST] Fix xm-test suite for x86-64
Previous by thread: [Xen-devel] problem of the permissions system in xenstore
Next by thread: [Xen-devel] Testing status of HVM (Intel VT) on 64bit XEN unstable c/s 12025
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.