Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users

from [Philip R Auld] [Permanent Link][Original]
To: Kurt Garloff <kurt@xxxxxxxxxx>
Subject: Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users
From: Philip R Auld <pauld@xxxxxxxxxxx>
Date: Mon, 14 Mar 2005 10:54:21 -0500
Cc: David Hopwood <david.hopwood@xxxxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Tue, 15 Mar 2005 07:20:50 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20050314151652.GE11417@xxxxxxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References: <1109965655.3355.8.camel@localhost> <20050304195646.GA31213@xxxxxxxxxxxxxxxxxxxxxxx> <Pine.LNX.4.61.0503051651070.31720@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <422B1E47.9050502@xxxxxxxxxxxxx> <Pine.LNX.4.61.0503061613160.31720@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <20050313145512.GC29310@xxxxxxxxxxxxxxxxx> <4234B2F5.1070205@xxxxxxxxxxxxxxxx> <20050313215122.GC11358@xxxxxxxxxxxxxxxxx> <20050314145850.GB6037@xxxxxxxxxxxxxxxxxx> <20050314151652.GE11417@xxxxxxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.6i 
Rumor has it that on Mon, Mar 14, 2005 at 04:16:52PM +0100 Kurt Garloff said:
> On Mon, Mar 14, 2005 at 09:58:50AM -0500, Philip R Auld wrote:
> > Rumor has it that on Sun, Mar 13, 2005 at 10:51:22PM +0100 Kurt Garloff 
> > said:
> > > Normally, you'd expect that only the sysadmin is able to control
> > > virtual machines. This would be the result of this simple tweak.
> > 
> > Which sysadmin?  Dom0 sysadmin may not be the same as a vm's sysadmin.
> > You would not want a VM sysadmin to be able to manage someone else's VM,
> > but he may want control over his own. 
> 
> The most straightforward approach would be to have dom0 sysadmin to be
> the one in control of all the other domains.
> 

That's not really ideal for a virtualized environment. Think of a hosting
setup for example. You'd really like to have the "hoster" control dom0, but
have roles that allow a vm sysadmin to control his domain. Console and 
power/reset only perhaps, but still some xend access.

> Currently all dom0 users are, which is inconvenient, as machines that
> are used as desktops will need to have dom0 uers.
> 
> Of course, the other domains can have their own root users. This is
> not changed by restricting control connections to be originating from
> ports < 1024.


I'm not arguing against that. I was just pointing out the difference in 
roles needed. I think that will actually be orthagonal to protecting
xend itself. Make it secure first then carefully allow access for roles.
The tools will need to handle this permission I think. 


Cheers,

Phil

> 
> Regards,
> -- 
> Kurt Garloff                   <kurt@xxxxxxxxxx>             [Koeln, DE]
> Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
> Linux: SUSE Labs (Director)    <garloff@xxxxxxx>            [Novell Inc]



-- 
Philip R. Auld, Ph.D.                          Egenera, Inc.    
Software Architect                            165 Forest St.
(508) 858-2628                            Marlboro, MA 01752


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, Philip R Auld
Next by Date:  Re: [Xen-devel] RAMDISK: Image too big, Marcus Hardt
Previous by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, Kurt Garloff
Next by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, Kurt Garloff
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy