[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Permission of /usr/libexec/libvirt_proxy

To: shell heriyanto <shell.heriyanto@xxxxxxxxx>,xen-users@xxxxxxxxxxxxx
From: "Niels Dettenbach (Syndicat IT&Internet)" <nd@xxxxxxxxxxxx>
Date: Mon, 24 Dec 2012 11:55:41 +0100
Delivery-date: Mon, 24 Dec 2012 10:58:32 +0000
List-id: Xen user discussion <xen-users.lists.xen.org>


shell heriyanto <shell.heriyanto@xxxxxxxxx> schrieb:
>I just do security harden on my server,
>can i change permission for file /usr/libexec/libvirt_proxy
>from -rwsr-xr-x to -rwxr-xr-x. Can this make problem with xen? what
>impact
>if i do this?

not shure what do you mean with "harden" in your case and
i'm not shure because i did not use libvirt_proxy usually, but i assume the set 
uid bit allows other users then root to access functions hardly bound to the 
root user within xen and os subsystem required by xen.

As long as only root is using xen on your sys this should not be a problem. If 
other users then root want access to xen/libvirt (i.e. within a "xen" or 
"wheel" group) this change could avoid the usability of xen for them.


cheers,


Niels.
-- 
Niels Dettenbach
Syndicat IT&Internet
http://www.syndicat.com


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
http://lists.xen.org/xen-users

Follow-Ups:
- Re: [Xen-users] Permission of /usr/libexec/libvirt_proxy
  - From: shell heriyanto

References:
- [Xen-users] Permission of /usr/libexec/libvirt_proxy
  - From: shell heriyanto

Prev by Date: [Xen-users] Permission of /usr/libexec/libvirt_proxy
Next by Date: [Xen-users] PV-on-HVM mode
Previous by thread: [Xen-users] Permission of /usr/libexec/libvirt_proxy
Next by thread: Re: [Xen-users] Permission of /usr/libexec/libvirt_proxy
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.