[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] PATCH: Actually make /local/domain/$DOMID readonly to the guest

  • To: "Daniel P. Berrange" <berrange@xxxxxxxxxx>, <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
  • Date: Thu, 18 Dec 2008 17:21:10 +0000
  • Cc:
  • Delivery-date: Thu, 18 Dec 2008 09:21:31 -0800
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Thread-index: AclhNQTkJZcLtJDvHE+FHpHYPJ9/DQ==
  • Thread-topic: [Xen-devel] PATCH: Actually make /local/domain/$DOMID readonly to the guest

On 18/12/2008 15:53, "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote:

> Explicitly give Dom0 permissions on the /local/domain/$DOMID so it
> becomes the owner of the path. The guest is then granted read perm
> on the path.

Thanks Daniel, that's a nasty one!

However there are other places in xend that commit the same error, and this
interface weakness would doubtless bite us again in future. Hence the patch
I actually committed (c/s 18933) actually takes a different strategy: in the
bowels of the xend xenstore C package I check to see if the caller is try to
change permissions of the node owner, and if so I fudge in dom0 as the owner
instead. A bit grim, but I think probably a safer bet in this instance.

What do you think of it? If it seems okay I will backport and will have to
do new RCs of 3.2.3 and 3.3.1.

 Thanks again,

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.