[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Is PyGrub safe to expose to users via VNC?

To: xen-users@xxxxxxxxxxxxxxxxxxxx
From: Vincent Canfield <vc@xxxxxxx>
Date: Sun, 19 Mar 2017 16:36:34 +0200
Delivery-date: Sun, 19 Mar 2017 14:37:48 +0000
List-id: Xen user discussion <xen-users.lists.xen.org>

Hi friends,

I run a VPS provider hosting PV VMs and am looking to implement VNC
functionality and expose that to my customers. As the subject states,
I'm wondering if there are any security considerations to be had in
doing so as it relates to pygrub. XSA-198 is what caused this concern,
though my understanding is that VNC access was not required to exploit
this vulnerability.

Despite how small of a chance, I figured it's best to ask before I mess
something up ;)

-- 
    Vincent Canfield
         -cock-
5CB4 9CDC EAC7 97FB F8BD
C074 FD71 AD27 71A5 CC1B

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxx
https://lists.xen.org/xen-users

Prev by Date: Re: [Xen-users] pfsense HVM domU and quad nic without pci passthrough
Next by Date: [Xen-users] How to persist domU efi boot order ?
Previous by thread: Re: [Xen-users] xen dom0 nfs hangs, oom killer and more
Next by thread: [Xen-users] How to persist domU efi boot order ?
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.