Re: [Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C xenstore client libs.
On 02/07/2010 17:50, "Ian Jackson" <Ian.Jackson@xxxxxxxxxxxxx> wrote:

> Tim Deegan writes ("[Xen-devel] [PATCH] tools: add XS_RESTRICT operation to C
> xenstore client libs."):
>> The OCaml xenstored supports the XS_RESTRICT operation, which
>> deprivileges a dom0 xenstore connection so it can only affect one
>> domain's entries. Add the relevant definitions to the C libraries
>> so that callers can use it.
>
> Can you explain what this is for, please? If it's for security
> against a hostile caller, what prevents the caller from simply opening
> another xenstore connection?

A daemon like qemu-dm can do privileged things like opening a xenstore connection, and then deprivilege itself via setuid() before handling I/O requests and exposing itself on that particular attack front. XS_RESTRICT allows such a service to further and more precisely deprivilege itself.

-- Keir