
Re: [Xen-users] XCP: Insecure Distro ?


  • To: Randy Katz <rkatz@xxxxxxxxxxxxxxxxxxxxx>
  • From: Christopher J Petrolino <cpetrolino@xxxxxxxxx>
  • Date: Mon, 9 May 2011 21:40:28 -0400
  • Cc: xen-users@xxxxxxxxxxxxxxxxxxx
  • Delivery-date: Mon, 09 May 2011 18:42:13 -0700
  • List-id: Xen user discussion <xen-users.lists.xensource.com>

I don't think anyone is intentionally trying to be a flamer here but I
also don't think it is the most productive to send a message to the
list that says "XCP is missing X and Y so I'm not going to use it." I
too have found several things that are important to me lacking from
XCP, but I also see the amazing potential and appreciate all the hard
work that has been put into it so far. Anyway back to what the OP
brought up -

1. /etc/shadow is still not present in XenServer 5.6 fp1 as far as I
can tell. See here -
http://forums.citrix.com/message.jspa?messageID=1552977

2. It certainly would be nice to see dedicated XCP repositories
created, but my hunch is that there are probably a lot of reasons why
it hasn't happened yet.



On Mon, May 9, 2011 at 8:26 PM, Randy Katz <rkatz@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Why is flaming always the first line with you people? He brought up 2 very
> important issues in the
> form of questions which should be addressed:
>
> 1. Security flaw in XCP?
> 2. Where are the patches/updates going to come from and how?
>
> If you want to flame someone go ahead and flame me, but Adrien's questions
> seem sincere and important!
>
> Regards,
> Randy Katz
>
> On 5/9/2011 2:51 PM, Chris Petrolino wrote:
>>
>> Do you know how many "commercial" Linux based appliances there are out
>> there? How many of them follow the patch cycle of the Linux flavor
>> they are based on?
>>
>> Have you offered the community any suggestions on how to improve the
>> security model of XCP? We are all ears.
>>
>> As for updates not having the potential to break things, I strongly
>> disagree.
>>
>> Kind Regards,
>>
>> Christopher James Petrolino
>>
>>
>> On May 9, 2011, at 5:30 PM, Adrien Guillon <aj.guillon@xxxxxxxxx> wrote:
>>
>>> Security updates are common, and generally do not make major interface
>>> changes by design.  I have no desire to update anything aside from
>>> receiving fixes for buffer overflows, or other exploits that are found
>>> in the wild.  The system in question should be in production for
>>> several years, and security patches are inevitable during that period
>>> of time.
>>>
>>> It likely took some effort to eliminate /etc/shadow in the first
>>> place, as this has been standard practice for a very long time.  I
>>> will not debate the merits of storing hashes in /etc/passwd or
>>> /etc/shadow because that debate ended a very long time ago.  Quite
>>> simply this distro has a major security flaw.
>>>
>>>
>>> On Mon, May 9, 2011 at 5:16 PM, riki <phobie@xxxxxxxx> wrote:
>>>>
>>>> Well, you are right from the multi-user point of view regarding the
>>>> passwd
>>>> file, but XCP is designed as appliance, xe utility or something speaking
>>>> xapi is a way of interfacing it, no user other than root should access
>>>> dom0.
>>>>
>>>> Updates - question of stability, I hope you do not want to risk reload
>>>> of
>>>> all your VMs due to libc changes or something like that :).  You need
>>>> to
>>>> update what? Xen hypervisor? Openvswitch, xapi toolstack? Everything
>>>> should
>>>> be locked down on lower levels (network access to dom0, physical access
>>>> to
>>>> appliances).
>>>>
>>>> Try to change the point of view and stop looking at it as a standard
>>>> multiuser Linux environment.
>>>>
>>>> r.
>>>>
>>>> On 05/09/2011 10:41 PM, Adrien Guillon wrote:
>>>>>
>>>>> Hello mailing list!
>>>>>
>>>>> I have been working with XCP a little bit, and I have the impression
>>>>> that this distro is insecure.  First, it does not look like update
>>>>> repositories are enabled inside /etc/yum.repos.d, although I'm from an
>>>>> apt background so I may be misinterpreting that.  Where will my
>>>>> security updates come from?
>>>>>
>>>>> Next, it appears that the root password hash is directly stored inside
>>>>> /etc/passwd, which is set to world-readable!  There does not appear to
>>>>> be an /etc/shadow file at all.
>>>>>
>>>>> Unfortunately I am dropping the distro entirely due to security
>>>>> concerns, I hope that these problems can be fixed.
>>>>>
>>>>> AJ
>>>>>
>>>>> _______________________________________________
>>>>> Xen-users mailing list
>>>>> Xen-users@xxxxxxxxxxxxxxxxxxx
>>>>> http://lists.xensource.com/xen-users

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
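
The condition reported at the start of this thread (password hashes in a world-readable /etc/passwd, with no /etc/shadow present) can be checked on any host with a short script. This is an added example, not part of the original messages or of XCP's tooling; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a passwd-format file for
# password hashes kept in field 2 instead of in a restricted shadow file.

# Names of accounts whose field 2 is a hash rather than a placeholder
# ("x" = look in shadow, "*" or "!..." = locked, "" = no password set).
accounts_with_inline_hash() {
    awk -F: '$2 != "x" && $2 != "" && $2 !~ /^[*!]/ { print $1 }' "$1"
}

# Succeed when "other" has read permission (8th character of the ls mode).
world_readable() {
    case "$(ls -ld "$1" 2>/dev/null)" in
        ???????r*) return 0 ;;
        *) return 1 ;;
    esac
}

# Report findings for a passwd/shadow pair; returns 1 if anything is exposed.
audit_passwd() {
    passwd_file=${1:-/etc/passwd}
    shadow_file=${2:-/etc/shadow}
    status=0
    exposed=$(accounts_with_inline_hash "$passwd_file" | tr '\n' ' ')
    if [ -n "$exposed" ] && world_readable "$passwd_file"; then
        echo "FAIL: $passwd_file exposes hashes to all local users: $exposed"
        status=1
    fi
    if [ ! -e "$shadow_file" ]; then
        echo "WARN: $shadow_file does not exist"
    elif world_readable "$shadow_file"; then
        echo "FAIL: $shadow_file is world-readable"
        status=1
    fi
    return "$status"
}

# Constructed sample input (the hash is a made-up string, not a real one).
write_sample_passwd() {
    cat > "$1" <<'EOF'
root:$1$CONSTRUCT$0123456789abcdefghijkl:0:0:root:/root:/bin/bash
daemon:*:2:2:daemon:/sbin:/sbin/nologin
alice:x:500:500::/home/alice:/bin/bash
EOF
    chmod 644 "$1"
}
```

Calling `audit_passwd` with no arguments checks the live /etc/passwd and /etc/shadow. On distributions that ship shadow-utils, `pwconv` is the standard tool for moving hashes into /etc/shadow; whether XCP's toolstack tolerates that change is not settled in this thread.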