Displaying 20 results from an estimated 5000 matches similar to: "shype for Xen / readme"
2005 Jun 22
0
RE: [Xense-devel] Re: [PATCH] sHype access controlarchitecture for Xen
Lets not confuse the issues here and don''t turn this into a programming
language argument. With the sHype patches there is a well defined
language for specifying policies and there is a well defined binary
representation for that policy. That is a very good start!
I see the java tool as a *sample* implementation of a translator between
the two. You are free to write/use your own compiler
2006 Oct 03
2
[IMPORTANT BUGFIX][ACM][XM] FIX essential security check in block-attach / indentation problem introduced in change set changeset 11572
This patch fixes an indentation error in main.py. The effect of this bug
is that block-attach does not check labels if the ACM is active. This
bug slipped in with change set 11572_:_ ad22c711ccb7
<http://xenbits.xensource.com/xen-unstable.hg?cs=ad22c711ccb7>.
This patch is essential and should get into 3.0.3. I tested the patch
with security off and on.
Thanks
Reiner
P.S. We are
2005 Aug 18
4
[PATCH] ACM: adding C-support for policy translation and labeling support for domains
This patch:
* adds a C-based security policy translation tool to Xen (secpol_xml2bin)
and removes the current Java
security policy translator (Java dependencies). The C-based tool
integrates into the Xen source tree build
and install (using gnome libxml2 for XML parsing). See install.txt.
* introduces security labels and related tools. Users can now use
semantic-rich label names to put
2007 Feb 10
0
[PATCH][ACM EZPOLICY TOOL] Make xensec_ezpolicy ready for wx/Python 2.5
Updates xensec_ezpolicy ACM policy generation tool so that it works with
wxPython under Python 2.5 as well.
Thanks
Reiner
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xensource.com
http://lists.xensource.com/xen-devel
2006 Sep 11
0
[RESEND][BUGFIX][ACM] fix return code in acm-related xm scripts
This patch fixes return codes for the acm-related Xen management scripts
(error conditions) and addresses minor issues that ''pycheck'' complains
about. It is tested with xm-test and by manually running the xm
commands. It also handles the return case (reported by Masaki Kanno)
that was missed in the originally patch.
Signed-off by: Reiner Sailer <sailer@us.ibm.com>
2006 Jun 30
0
[PATCH][ACM][UPDATE2] python tools and support for resource labeling
Same functionality as the previous patches in this series. I have
updated the error handling to correct the problems discovered by Ewan.
This patch successfully completes the xm-test suite on my dev
machine. In addition, we have tested out the affected commands by
hand to ensure that error handling is being done properly. Hopefully
this one will not create any more problems.
2006 Apr 12
0
[Patch 1 / 8][ACM] - name and simplify security policies
This patch adds a policy name to the policy definition. This policy name
must be unique and must change if the content of the file changes. The
policy name is used to ensure that the XM tools and the hypervisor work
on the same policy, i.e., interpret the security information on domains
consistently. This patch also simplifies the policy management by moving
policy and labels into a single
2006 Aug 31
0
[Xense-devel] [RFC][PATCH][ACM] enforcing ACM policy on network traffic between virtual network interfaces
This patch adds an ACM hook into the network scripts (/etc/xen/scripts).
It adds iptables rules that enforce mandatory access control on network
packets exchanged between virtual interfaces. If ACM is active, this
patch sets the default FORWARD policy in Dom0 to DROP and adds iptables
ACCEPT rules between vifs that belong to domains that are permitted to
share (determined by using the
2005 Jan 04
0
Re: trusted computing
> From: David Hopwood <david@bl...>
> [image removed] Re: trusted computing
> 2004-10-18 19:24
> Tim Freeman wrote:
>
> > not about Xen in particular, but as a side note, because I think some
> > people are interested in trusted computing and virtualization? If
> > you"re not, sorry for the intrusion!
> >
> >
2006 Sep 04
2
Question about ACMError
Hi all,
Could you teach me about the behavior of xm commands when
''ACMError'' occurred?
I am testing the behavior of xm commands with wrong arguments.
When I tested xm commands related to security (xm *label/*policy),
I found that some of them.
- return 0,
- show ACMError''s Traceback messages.
Are these results specifications or bugs?
Example:
# xm cfgbootpolicy
2005 Nov 16
1
COM dates (was origin and "origin<-" in chron)
I was just looking for an easy way to convert between COM datetime and
chron datetime (both ways.)
I found examples on the list, but they involved origin.
Does anyone have functions for converting COM datetime <-> chron
datetimethat work "safely"?
David L. Reiner
> -----Original Message-----
> From: Gabor Grothendieck [mailto:ggrothendieck@gmail.com]
>
2007 Mar 09
1
RE: Coaching in asterisk
I didn't know you are courageous. I upgraded to 1.4 last night.
-----Original Message-----
From: asterisk-users-bounces@lists.digium.com
[mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Stephen
Bosch
Sent: Friday, March 09, 2007 11:30 AM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: Re: [asterisk-users] RE: Coaching in asterisk
Wai Wu wrote:
> Ouch, I
2002 Oct 11
0
booting pxelinux and subsequent tftp-reads
hello,
I used to start a network installation from redhat or suse over PXE using
the pxelinux component from the syslinux package. At the beginning of
installation I want to read some files (e.g. the kickstart-file) over tftp from
the pxe server. The problem is that from the point of view of the installation
loader I don't know the ip-address and the tftp path prefix of the pxe server.
Is
2007 Mar 09
1
RE: Coaching in asterisk
BTW. We only use Asterisk for a few functions. Everything else is done
on an extenal application controlling Asterisk through AMI.
-----Original Message-----
From: asterisk-users-bounces@lists.digium.com
[mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Wai Wu
Sent: Friday, March 09, 2007 12:22 PM
To: Asterisk Users Mailing List - Non-Commercial Discussion
Subject: RE:
2004 May 04
3
Linux IAX client
Folks,
It seems like the * v 0.9 and iaxcomm won't speak to each other. Is there
another IAX2 client that is usable under Linux (Debian preferred)?
Thanks,
Tim
--
2004 Feb 03
4
voip phones
What is the best inexpensive voip phone out there? I want to try
a few with *, but don't want to go broke while I'm just playing
around...
Tim
--
2013 May 17
0
Mean using different group for a real r beginner
Hi,
Try either:
tolerance <- read.csv("http://www.ats.ucla.edu/stat/r/examples/alda/data/tolerance1.txt")
?aggregate(exposure~male,data=tolerance,mean)
?# male exposure
#1??? 0 1.246667
#2??? 1 1.120000
#or
?library(plyr)
?ddply(tolerance,.(male),summarize,exposure=mean(exposure))
#? male exposure
#1??? 0 1.246667
#2??? 1 1.120000
#or
2004 Aug 06
3
tdm400p lockups
I have a system that has a TDM400 with 3 FXO modules. Recently, the
system started not seeing the ports. No answer, no lines available
for oubound dial, and only a reboot of the machine will bring it back.
Any ideas to try?
Thanks,
Tim
--
2012 Apr 30
1
Hmisc::pstamp, mfcol, and spacing
I am trying to make a nice 2x1 plot and add a timestamp with comment.
The pstamp function from Hmisc works nicely when mfcol=c(1,1),
but when mfcol=c(2,1), the stamp winds up in the wrong place:
> require('Hmisc')
> opar <- par(mfcol=c(2,1))
> plot(1:10)
> title(main="MAIN Title")
> plot(1:20)
> title(main="Another Title")
> pstamp("normal
2009 Aug 06
0
Error: ''ACM policy not supported.''
Hi all,
I want to build sHype into Xen on ubuntu 8.04,
In Config.mk I changed
XSM_ENABLE ?= n to XSM_ENABLE ?= y
ACM_SECURITY ?= n to ACM_SECURITY ?= y;
then
#make xen tools
#make install-xen install-tools
without any error;
but when I reboot and type "xm resetpolicy", I got an error "ACM policy