Re: [Xen-devel] protecting xen startup

["Charles Coffing" <ccoffing@xxxxxxxxxx>]

Right, xend is just an HTTP interface to Xen via system calls or ioctls 
(xend <--> linux <--> Xen).

There's also a daemon (xfrd) running on 8002.

There currently is no authentication on either port.

In the source tree, look at docs/misc/xend.tex, although some details
are out of date.


HTH,
Charles
 
 
>>>Luke Kenneth Casson Leighton <lkcl@xxxxxxxx> 11/23/04 10:05 am >>> 
hi, 
 
i notice that there's a management interface on port 8000. 
 
i seek to protect this interface such that nothing but a trusted program

(think selinux) may run, manage, start up or shut down xen oses. 
 
so: where can i find out information about the structure of the 
xen management interface? 
 
is the port 8000 stuff just providing a web server (/etc/init.d/xend) 
front-end to some extra system calls? 
 
is the port 8000 stuff actually running in the xen boot-up stuff? 
 
if it's some extra system calls that's very good because it will be 
possible to add selinux security hooks to protect each system call. 
 
ta, 
 
l. 
 
-- 
-- 
<a href="http://lkcl.net";>http://lkcl.net</a> 
-- 
 
 
------------------------------------------------------- 
SF email is sponsored by - The IT Product Guide 
Read honest & candid reviews on hundreds of IT Products from real users.

Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/ 
 
Xen-devel mailing list 
Xen-devel@xxxxxxxxxxxxxxxxxxxxx 
https://lists.sourceforge.net/lists/listinfo/xen-devel 


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
http://productguide.itmanagersjournal.com/
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel