[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users
On Fri, 4 Mar 2005, Anthony Liguori wrote: > Any network user can connect to dom0 and also do any of these > operations. Very simple to firewall it off from remote, or even only attached to localhost. > The Xen documents should perhaps make this more aware. > Xend is not designed to provide any sort of security protection out of > the box. It assumes that you're running on a trusted network. Just > assume that any person that can ping dom0 has root access to your > system. > This is being addressed. This isn't a flaw in Xend. It just wasn't > meant for a security-conscious environment. Once the xen packages are accepted out of debian's incoming queue, I can be assured of having this bug filed, and it being tagged security. It *is* a problem. Saying it wasn't designed with this in mind doesn't make it a non-issue. ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
![]() |
Lists.xenproject.org is hosted with RackSpace, monitoring our |