subject:"\[Xen\-devel\] \[PATCH\] tools\: create XEN_DUMP

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

2015-11-03 Thread Ian Campbell

On Thu, 2015-10-22 at 17:32 +0100, Ian Campbell wrote:
> On Wed, 2015-10-21 at 15:15 +0100, Wei Liu wrote:
> > That directory is used to store guest memory dump which contains
> > sensitive information.
> > 
> > Signed-off-by: Wei Liu 
> 
> Acked-by: Ian Campbell 

Applied.

> Have you audited all the paths we create and determined that this is the
> only one which needs adjusting in this way?
> 
> OOI, what lead you to be concerned about the permissions on the
> directories
> we are creating (first the xenpaging one, now this)?

Thanks for your reply to this bit.

Ian.

___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

2015-10-26 Thread Wei Liu

On Thu, Oct 22, 2015 at 05:32:57PM +0100, Ian Campbell wrote:
> On Wed, 2015-10-21 at 15:15 +0100, Wei Liu wrote:
> > That directory is used to store guest memory dump which contains
> > sensitive information.
> > 
> > Signed-off-by: Wei Liu 
> 
> Acked-by: Ian Campbell 
> 
> Have you audited all the paths we create and determined that this is the
> only one which needs adjusting in this way?
> 

No, I haven't audited all paths. I fixed this as I noticed it needed
fixing.

> OOI, what lead you to be concerned about the permissions on the directories
> we are creating (first the xenpaging one, now this)?
> 

I noticed the permission of xenpaging and dumpdir were different when I
was doing some random things.  And I wrongly assumed that xenpaging
directory should be fixed. Now this patch does the right thing -- it's
dumpdir's permission that should be fixed.

Wei.

> Ian.

___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

2015-10-22 Thread Ian Campbell

On Wed, 2015-10-21 at 15:15 +0100, Wei Liu wrote:
> That directory is used to store guest memory dump which contains
> sensitive information.
> 
> Signed-off-by: Wei Liu 

Acked-by: Ian Campbell 

Have you audited all the paths we create and determined that this is the
only one which needs adjusting in this way?

OOI, what lead you to be concerned about the permissions on the directories
we are creating (first the xenpaging one, now this)?

Ian.

___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

[Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

2015-10-21 Thread Wei Liu

That directory is used to store guest memory dump which contains
sensitive information.

Signed-off-by: Wei Liu 
---
 tools/Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/Makefile b/tools/Makefile
index 2618559..820ca40 100644
--- a/tools/Makefile
+++ b/tools/Makefile
@@ -58,7 +58,7 @@ build all: subdirs-all
 
 .PHONY: install
 install: subdirs-install
-   $(INSTALL_DIR) $(DESTDIR)$(XEN_DUMP_DIR)
+   $(INSTALL_DIR) -m 700 $(DESTDIR)$(XEN_DUMP_DIR)
$(INSTALL_DIR) $(DESTDIR)/var/log/xen
$(INSTALL_DIR) $(DESTDIR)/var/lib/xen
 
-- 
2.1.4


___
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

Re: [Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

[Xen-devel] [PATCH] tools: create XEN_DUMP_DIR with mode 0700

4 matches

Site Navigation

Mail list logo

Footer information