* Re: [Xen-changelog] Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
@ 2006-03-31 14:36 ` Anthony Liguori
2006-03-31 15:48 ` Ewan Mellor
From: Anthony Liguori @ 2006-03-31 14:36 UTC
To: xen-devel; +Cc: Ewan Mellor
Did you see this failure after changing the socket location to
/var/run/xend/xml-rpc.sock? The only way the permissions of
/var/run/xend-xmlrpc.sock should be non-root is if /var/run has non root
permissions. Was that the case?
Regards,
Anthony Liguori
Xen patchbot -unstable wrote:
> # HG changeset patch
> # User emellor@leeni.uk.xensource.com
> # Node ID 53ded2201b7f9737faa4edffd86a870e56b2d704
> # Parent 601d0229a40e2de9a3cc3dec9e855d8b56b5a890
> Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
> cannot use the socket.
>
> This closes a security hole, and fixes the intermittent failure
> of xm-test/06_list_nonroot.test.
>
> c.f. xen-unstable changeset 9205:faa1eb1621b9 (same bug, different socket).
>
> Signed-off-by: Ewan Mellor <ewan@xensource.com>
>
> diff -r 601d0229a40e -r 53ded2201b7f tools/python/xen/util/xmlrpclib2.py
> --- a/tools/python/xen/util/xmlrpclib2.py Thu Mar 30 23:10:54 2006
> +++ b/tools/python/xen/util/xmlrpclib2.py Thu Mar 30 23:13:33 2006
> @@ -23,7 +23,7 @@
> from httplib import HTTPConnection, HTTP
> from xmlrpclib import Transport
> from SimpleXMLRPCServer import SimpleXMLRPCServer, SimpleXMLRPCRequestHandler
> -import xmlrpclib, socket, os
> +import xmlrpclib, socket, os, stat
> import SocketServer
>
> import xen.xend.XendClient
> @@ -105,10 +105,13 @@
> address_family = socket.AF_UNIX
>
> def __init__(self, addr, logRequests):
> - if self.allow_reuse_address:
> - try:
> + parent = os.path.dirname(addr)
> + if os.path.exists(parent):
> + os.chown(parent, os.geteuid(), os.getegid())
> + os.chmod(parent, stat.S_IRWXU)
> + if self.allow_reuse_address and os.path.exists(addr):
> os.unlink(addr)
> - except OSError, exc:
> - pass
> + else:
> + os.makedirs(parent, stat.S_IRWXU)
> TCPXMLRPCServer.__init__(self, addr, UnixXMLRPCRequestHandler,
> logRequests)
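Review bot: the `os.chown`/`os.chmod` calls on `parent` in `__init__` act on whatever directory `os.path.dirname(addr)` returns, and nothing here checks that it is a directory dedicated to this socket. An `addr` placed directly under a shared directory such as /var/run (where the old XML_RPC_SOCKET lived) would have that whole directory set to owner-only. Both calls also follow symlinks. Suggest verifying with `os.lstat` that `parent` is a real directory before changing it, and documenting that callers must pass a path inside a dedicated directory. Separately, replacing the old try/except around `os.unlink(addr)` with an `os.path.exists(addr)` test leaves a window in which the file can disappear between the check and the unlink, raising OSError during startup; keeping the try/except avoids that. A short comment stating that the socket is protected by its parent directory's mode rather than by its own would help later readers.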
> diff -r 601d0229a40e -r 53ded2201b7f tools/python/xen/xend/XendClient.py
> --- a/tools/python/xen/xend/XendClient.py Thu Mar 30 23:10:54 2006
> +++ b/tools/python/xen/xend/XendClient.py Thu Mar 30 23:13:33 2006
> @@ -19,10 +19,10 @@
>
> from xen.util.xmlrpclib2 import ServerProxy
>
> -XML_RPC_SOCKET = "/var/run/xend-xmlrpc.sock"
> +XML_RPC_SOCKET = "/var/run/xend/xmlrpc.sock"
>
> ERROR_INTERNAL = 1
> ERROR_GENERIC = 2
> ERROR_INVALID_DOMAIN = 3
>
> -server = ServerProxy('httpu:///var/run/xend-xmlrpc.sock')
> +server = ServerProxy('httpu:///var/run/xend/xmlrpc.sock')
>
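Review bot: the new path is written twice in XendClient.py, once in `XML_RPC_SOCKET` and again in the `ServerProxy('httpu:///var/run/xend/xmlrpc.sock')` literal, so the two can drift apart the next time the socket moves. Suggest deriving the URL from the constant, e.g. `server = ServerProxy('httpu://' + XML_RPC_SOCKET)`.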