Re: [Xen-devel] Finer access control framework over users, domai

Syunsuke HAYASHI writes ("Re: [Xen-devel] Finer access control framework over 
users,    domains and operations."):
> We understand that the implementation of the ACM on the web layer is easy.
> But we think that basic control tools of Xen (xm and libvirt) also need 
> the ACM

I see.  Why ?

> It is necessary to realize the ACM which considers users, domains and 
> operations.
> We only know ways that control by the unit of users or processes.
> Please let us know if there are other tools or ways that realize the ACM.

I'm not sure what you mean by `realise the ACM'.  Earlier you said
`ACM' stood for `Access Control Module' which I'll take to assume
means just some kind of access control facility.  I assume `realise'
means `have.

So you seem to be saying that you need an access control facility that
`considers users, domains and operations'.  That kind of access
control seems to be exactly what is easily done at a web ui layer, as
I said.

Perhaps `Access Control Module' means something more specific.  If so
then what kind of something ?  And why do you need that rather than
another solution ?

It would be most helpful if you described your ultimate objectives, in
a solution-neutral way.

Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:

Re: [Xen-devel] [PATCH] QEMU "drive_init()" Disk Format Security Bypass, Ian Jackson

Next by Date:

Re: [Xen-devel] [PATCH] Add xen_phys_start value in the crash info note, Keir Fraser

Previous by Thread:

Re: [Xen-devel] Finer access control framework over users, domains and operations., Syunsuke HAYASHI

Next by Thread:

[Xen-devel] [PATCH] Fix showing of CPU Affinity by xm vcpu-list, Masaki Kanno

Indexes:

[Date] [Thread] [Top] [All Lists]