[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] libxl: set permissions for xs frontend entry pointing to xs backend

On 10/09/13 17:02, Ian Campbell wrote:
> On Tue, 2013-09-10 at 16:54 +0200, Roger Pau Monne wrote:
>> libxl doesn't currently set the permissions of entries like:
>> /local/domain/<domid>/device/<dev_type>/<devid>/backend
>> This allows the guest to change this xenstore entries to point to a
>> different backend path, or to malicious xenstore path forged by the
>> guest itself. libxl currently relies on this path being valid in order
>> to perform the unplug of devices in libxl__devices_destroy, so we
>> should prevent the guest from modifying this xenstore entry.
>> This patch sets the permisions of said path to be the same as a
>> backend xenstore entry (owned by the toolstack domain, readable by the
>> guest).
> and just to confirm: despite having r/w access to the containing
> directory, the guest cannot remove this node and recreate it?

No, it can't (I've tried it):

root@debian:~# xenstore-rm /local/domain/54/device/vbd/51712/backend
xenstore-rm: could not remove path /local/domain/54/device/vbd/51712/backend

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.