[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Is PyGrub safe to expose to users via VNC?


  • To: xen-users@xxxxxxxxxxxxxxxxxxxx
  • From: Vincent Canfield <vc@xxxxxxx>
  • Date: Sun, 19 Mar 2017 16:36:34 +0200
  • Delivery-date: Sun, 19 Mar 2017 14:37:48 +0000
  • List-id: Xen user discussion <xen-users.lists.xen.org>

Hi friends,

I run a VPS provider hosting PV VMs and am looking to implement VNC
functionality and expose that to my customers. As the subject states,
I'm wondering if there are any security considerations to be had in
doing so as it relates to pygrub. XSA-198 is what caused this concern,
though my understanding is that VNC access was not required to exploit
this vulnerability.

Despite how small of a chance, I figured it's best to ask before I mess
something up ;)

-- 
    Vincent Canfield
         -cock-
5CB4 9CDC EAC7 97FB F8BD
C074 FD71 AD27 71A5 CC1B

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
https://lists.xen.org/xen-users

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.