[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] [Xend] Move some backend configuration

On Tue, Sep 30, 2008 at 05:09:21PM +0100, Keir Fraser wrote:
> On 30/9/08 16:30, "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote:
> > Console data
> > 
> >  /local/domain/%d/console/vnc-port
> >  /local/domain/%d/console/tty
> Duplicating this pair of nodes sounds fine to me, *but* then libvirt is
> simply remaining vulnerable to the kind of attack we're are looking to
> avoid? Can any good really come from keeping the old locations?

Given that this is security sensitive, I have no objection to updating
libvirt to read from the new locations. The only thing I need to work 
out is a reliable way to choose when to use the new location, vs the 
looking at old location (for compat with existing deployments). 

|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-  F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.