From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ingo Molnar Subject: Re: [PATCH 1/2] kvm tools: Export DISPLAY ENV as our default host ip address Date: Wed, 5 Sep 2012 10:09:45 +0200 Message-ID: <20120905080945.GB22644@gmail.com> References: <1345807781-23452-1-git-send-email-asias.hejun@gmail.com> <5045FD1E.2080602@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Avi Kivity , Asias He , Sasha Levin , Ingo Molnar , Cyrill Gorcunov , kvm@vger.kernel.org To: Pekka Enberg Return-path: Received: from mail-wg0-f44.google.com ([74.125.82.44]:40773 "EHLO mail-wg0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752882Ab2IEIJ5 (ORCPT ); Wed, 5 Sep 2012 04:09:57 -0400 Received: by wgbdr13 with SMTP id dr13so362428wgb.1 for ; Wed, 05 Sep 2012 01:09:56 -0700 (PDT) Content-Disposition: inline In-Reply-To: Sender: kvm-owner@vger.kernel.org List-ID: * Pekka Enberg wrote: > On 08/24/2012 02:29 PM, Asias He wrote: > >> It is useful to run a X program in guest and display it on host. > >> > >> 1) Make host's x server listen to localhost:6000 > >> host_shell$ socat -d -d TCP-LISTEN:6000,fork,bind=localhost \ > >> UNIX-CONNECT:/tmp/.X11-unix/X0 > >> > >> 2) Start the guest and run X program > >> host_shell$ lkvm run -k /boot/bzImage > >> guest_shell$ xlogo > > On Tue, Sep 4, 2012 at 4:07 PM, Avi Kivity wrote: > > Note, this is insecure, don't do this with untrusted guests. > > Asias, can we add a command line argument that enables this? > It'd be safer to keep it disabled by default. It might also be prudent to name the option in a way that signals that the user of it understands the security implications: --X11-trusted-guest 1 or so. Thanks, Ingo