Xen 		  
Home About Xen.org Xen Xen Summit Wiki Mailing List Bug Tracker Xen Downloads
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass

from [Keir Fraser] [Permanent Link][Original]
To: "Daniel P. Berrange" <berrange@xxxxxxxxxx>, Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
Subject: Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass
From: Keir Fraser <keir.fraser@xxxxxxxxxxxxx>
Date: Thu, 08 May 2008 18:18:41 +0100
Cc: Eren Türkay <turkay.eren@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 08 May 2008 10:19:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <20080508171255.GA31908@xxxxxxxxxx>
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcixL4+MzdWPrR0iEd28OwAX8io7RQ==
Thread-topic: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass
User-agent: Microsoft-Entourage/11.4.0.080122 
On 8/5/08 18:12, "Daniel P. Berrange" <berrange@xxxxxxxxxx> wrote:

>> Should we break all old installations by requiring everyone to specify
>> a format ?  Or should we break only some old installations by
>> retaining the current syntax to mean one thing or the other ?  Perhaps
>> we should attempt to guess according to the _filename_, which is
>> controlled by the host and thus safe.  Do users typically choose
>> filenames for cow images which are enough of a giveaway ?
> 
> Well, tap:XXX: style URLS already encode the format explicitly. So if
> we made QEMU understand that syntax too, then that gives admins the
> option to be secure, while keeping file: fas a legacy (unsecure) mode
> for compatability. This has the added advantage that it'd be the same
> syntax used for PV-on-HVM drivers, and avoids nasty guessing based on
> filename.

Yes, I think we should keep the existing syntax's existing semantics. Just
as qemu/kvm have done.

 -- Keir



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass, Daniel P. Berrange
Next by Date:  Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass, Ian Jackson
Previous by Thread:  Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass, Daniel P. Berrange
Next by Thread:  Re: [Xen-devel] QEMU "drive_init()" Disk Format Security Bypass, Ian Jackson
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , XenSource, Inc. All rights reserved. Note: the xen.org trademark policy
is changing. For information please email legalxen.org, Legal and Privacy