From: "Daniel P. Berrange" <berrange@redhat.com>
To: Keir Fraser <keir.fraser@eu.citrix.com>
Cc: xen-devel@lists.xensource.com
Subject: Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest
Date: Thu, 18 Dec 2008 17:49:51 +0000
Message-ID: <20081218174951.GZ23277@redhat.com>
In-Reply-To: <C5703706.10B0%keir.fraser@eu.citrix.com>

On Thu, Dec 18, 2008 at 05:21:10PM +0000, Keir Fraser wrote:
> On 18/12/2008 15:53, "Daniel P. Berrange" <berrange@redhat.com> wrote:
>
> > Explicitly give Dom0 permissions on the /local/domain/$DOMID so it
> > becomes the owner of the path. The guest is then granted read perm
> > on the path.
>
> Thanks Daniel, that's a nasty one!
>
> However there are other places in xend that commit the same error, and this
> interface weakness would doubtless bite us again in future. Hence the patch
> I actually committed (c/s 18933) actually takes a different strategy: in the
> bowels of the xend xenstore C package I check to see if the caller is trying to
> change permissions of the node owner, and if so I fudge in dom0 as the owner
> instead. A bit grim, but I think probably a safer bet in this instance.

I think that looks correct to me. The easy way to test is to try and
write to '/local/domain/$DOMID/console/tty' from within the guest and
see if it succeeds or not.

Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
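
Added example, not part of the original message and not xend or xenstored code: a simplified Python model of the xenstore permission list, showing why listing the guest first makes a "read" grant ineffective and how the two approaches discussed in the thread change the outcome. The ACL semantics (first entry is the owner and sets the default for unlisted domains), the helper `force_dom0_owner`, and the domain IDs are assumptions made for illustration.

```python
# Simplified model of xenstore node permissions (illustration only).
# Assumed semantics: perms is an ordered list of (domid, flag). The FIRST
# entry names the node owner, and its flag is the default applied to any
# domain not listed in the later entries.
# Flags: 'n' none, 'r' read, 'w' write, 'b' both.

DOM0 = 0
OPS = {"n": set(), "r": {"r"}, "w": {"w"}, "b": {"r", "w"}}

def access(perms, domid):
    """Return the operations ('r', 'w') that domid may perform on the node."""
    owner, default = perms[0]
    if domid in (DOM0, owner):
        return {"r", "w"}           # dom0 and the owner bypass the list
    for dom, flag in perms[1:]:
        if dom == domid:
            return set(OPS[flag])
    return set(OPS[default])        # unlisted domain: owner entry's flag

def force_dom0_owner(perms):
    """Hypothetical helper modelling the strategy in the quoted reply:
    if the caller's list would make a non-dom0 domain the owner, insert
    dom0 as owner and keep the caller's entries as ordinary grants."""
    if perms[0][0] != DOM0:
        return [(DOM0, "n")] + list(perms)
    return list(perms)

# Constructed sample values.
GUEST, OTHER = 5, 7
buggy = [(GUEST, "r")]                   # guest listed first: it is the owner
explicit = [(DOM0, "n"), (GUEST, "r")]   # dom0 owns, guest granted read

if __name__ == "__main__":
    for name, perms in [("buggy", buggy), ("explicit", explicit),
                        ("forced", force_dom0_owner(buggy))]:
        print(name, "guest:", sorted(access(perms, GUEST)),
              "other:", sorted(access(perms, OTHER)))
```

In this model the guest-first list also lets an unrelated domain read the node, because the owner entry's flag doubles as the default.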