[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Xen-devel] [PATCH] xenstored: allow guests to reintroduce themselves
On 08/09/2011 12:31 PM, Keir Fraser wrote:
Do you have any examples of projects which could run with much lesser privilege, and very constrained xenstore access, if a suitably controlled xenstore interface was provided?
There's a bunch of program that doesn't need much more than read/write to a specific limited part of xenstore. - Guest agents (reporting stats usually) - things listening to some actions (snapshot yourself, export some storage thing, etc..) Perhaps a variant of the restrict packet would be enough to drop some privileges of the xenbus connection (at connection time) to read/write to a specific path. -- Vincent _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
Lists.xenproject.org is hosted with RackSpace, monitoring our