[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH v2 1/5] libxl: allow /local/domain/0/device-model/$DOMID to be written by $DOMID
Stefano Stabellini writes ("[PATCH v2 1/5] libxl: allow /local/domain/0/device-model/$DOMID to be written by $DOMID"): > The device model is going to restrict its xenstore connection to $DOMID > level. Let it access /local/domain/0/device-model/$DOMID, as it is > required by QEMU to read/write the physmap. It doesn't contain any > information the guest is not already fully aware of. This permissions change needs to be accompanied, in its commit message, with an argument explaining why it is safe. In particular, we need to know that nothing uses information from this path in an unsafe way (including in the case when the qemu is privileged). Ian. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |