From mboxrd@z Thu Jan 1 00:00:00 1970 From: Anthony Liguori Subject: Re: [PATCH] xen-2.0: privileged port connections Date: Thu, 24 Mar 2005 13:56:29 -0600 Message-ID: <1111694189.7847.3.camel@localhost> References: <42430FA0.5050604@tv.debian.net> Mime-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: 7bit In-Reply-To: <42430FA0.5050604@tv.debian.net> Sender: xen-devel-admin@lists.sourceforge.net Errors-To: xen-devel-admin@lists.sourceforge.net List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , List-Archive: To: Tommi Virtanen Cc: Ian Pratt , Kurt Garloff , Xen development list , ian.pratt@cl.cam.ac.uk List-Id: xen-devel@lists.xenproject.org On Thu, 2005-03-24 at 13:06, Tommi Virtanen wrote: > Ian Pratt wrote: > > For Xen 2.x, unix domain sockets would be too much of a pain to > > implement over Twisted. Kurt's approach gets us closer toward 'secure by > > default'. > > That just tells me you don't know twisted > (putting my "Twisted upstream developer" hat on..) > > Replace current reactor.listenTCP(port, protocolFactory) > with reactor.listenUNIX(path, protocolFactory). > If there's code that assumes TCP things (transport.getPeer() > to give IP addresses and ports etc), those may need to be fixed, > naturally. Thanks, I couldn't figure out why exporting the consoles over a domain socket wasn't working :-) Turns out we're using .getPeer(). I think perhaps we didn't use twisted as best as we could have so I agree with that it's going to be a fair bit of work. Regards, -- Anthony Liguori Linux Technology Center (LTC) - IBM Austin E-mail: aliguori@us.ibm.com Phone: (512) 838-1208 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click