Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] Re: severe security issue on dom0/xend/xm/non-root users

from [Nuutti Kotivuori] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Re: severe security issue on dom0/xend/xm/non-root users
From: Nuutti Kotivuori <naked@xxxxxx>
Date: Sat, 19 Mar 2005 13:21:17 +0200
Cache-post-path: aka.i.naked.iki.fi!unknown@xxxxxxxxxxxxxxxxxx
Cancel-lock: sha1:0kSTOEH6YLE/z5HR2fWzgp5Cbm0=
Delivery-date: Sat, 19 Mar 2005 11:23:03 +0000
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Organization: Ye 'Ol Disorganized NNTPCache groupie
References: <20050313145512.GC29310@xxxxxxxxxxxxxxxxx> <4234B2F5.1070205@xxxxxxxxxxxxxxxx> <20050313215122.GC11358@xxxxxxxxxxxxxxxxx> <20050314145850.GB6037@xxxxxxxxxxxxxxxxxx> <20050314151652.GE11417@xxxxxxxxxxxxxxxxx> <20050314155421.GD6037@xxxxxxxxxxxxxxxxxx> <20050314161316.GM11417@xxxxxxxxxxxxxxxxx> <423927DB.3040305@xxxxxxxxxxxxx> <20050317150230.GW11685@xxxxxxxxxxxxxxxxx> <423A9D38.9080601@xxxxxxxxxxxxx> <20050318093158.GE16066@xxxxxxxxxxxxxxxxx> <423AC2BD.10601@xxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Gnus/5.1007 (Gnus v5.10.7) XEmacs/21.4 (Jumbo Shrimp, linux) 
Tommi Virtanen wrote:
> Kurt Garloff wrote:
>> I don't see a big difference in neither flexibility nor security.
>
> So you really _want_ to add yet another unnecessary setuid app,
> where one really is not needed?

Tommi has said everything already, and I concur - please consider
using an UNIX-domain socket. Even more reasons for preferring it over
a TCP-connection can be listed, but hopefully they are not needed.

-- Naked




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] Re: Using Debian packages, Nuutti Kotivuori
Next by Date:  [Xen-devel] Re: problems with console in domU if physdev access enabled, Maurice Meeden
Previous by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, Tommi Virtanen
Next by Thread:  Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users, David Hopwood
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy