[Xen-users] Is using w! safe to share data between domains?

["John A. Sullivan III" <jsullivan@xxxxxxxxxxxxxxxxxxx>]

I have a slightly unusual situation where I need to pass data from one
domain to another but, for security reasons, one of the domains will not
be on the network.  I would like to pass the data via a shared disk
partition.  I would like to know if what I have done is safe.

I created a disk partition named /dev/VG1/pkipass.
Each domU disk definition contains: 'phy:VG1/pkipass,sda3,w!'
None of the domUs automatically mounts this device.

When one domU needs to deposit data for another domU to pick up (this
exchange is always a manual effort to first deposit the shared data and
then retrieve the shared data), we do the following:

The depositing domU mounts sda3 read-only.
It looks for a tag file -- this tag file is created when a domU has
mounted the partition as read-write
If the tag-file exists {
        it unmounts the partition
        it sleeps briefly
        it retries
}
else {
        it remounts the partition read-write
        it creates the tag file
        it deposits the data
        it deletes the tag fie
        it unmounts the partition
}

A similar process is used to retrieve the data.

Is this safe?

Thanks - John
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users