Anthony Liguori
2006-Mar-31 14:36 UTC
[Xen-devel] Re: [Xen-changelog] Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
Did you see this failure after changing the socket location to /var/run/xend/xml-rpc.sock? The only way the permissions of /var/run/xend-xmlrpc.sock should be non-root is if /var/run has non root permissions. Was that the case? Regards, Anthony Liguoir Xen patchbot -unstable wrote:> # HG changeset patch > # User emellor@leeni.uk.xensource.com > # Node ID 53ded2201b7f9737faa4edffd86a870e56b2d704 > # Parent 601d0229a40e2de9a3cc3dec9e855d8b56b5a890 > Set the permissions correctly on the XML-RPC UDP socket, so that non-root users > cannot use the socket. > > This closes a security hole, and fixes the intermittent failure > of xm-test/06_list_nonroot.test. > > c.f. xen-unstable changeset 9205:faa1eb1621b9 (same bug, different socket). > > Signed-off-by: Ewan Mellor <ewan@xensource.com> > > diff -r 601d0229a40e -r 53ded2201b7f tools/python/xen/util/xmlrpclib2.py > --- a/tools/python/xen/util/xmlrpclib2.py Thu Mar 30 23:10:54 2006 > +++ b/tools/python/xen/util/xmlrpclib2.py Thu Mar 30 23:13:33 2006 > @@ -23,7 +23,7 @@ > from httplib import HTTPConnection, HTTP > from xmlrpclib import Transport > from SimpleXMLRPCServer import SimpleXMLRPCServer, SimpleXMLRPCRequestHandler > -import xmlrpclib, socket, os > +import xmlrpclib, socket, os, stat > import SocketServer > > import xen.xend.XendClient > @@ -105,10 +105,13 @@ > address_family = socket.AF_UNIX > > def __init__(self, addr, logRequests): > - if self.allow_reuse_address: > - try: > + parent = os.path.dirname(addr) > + if os.path.exists(parent): > + os.chown(parent, os.geteuid(), os.getegid()) > + os.chmod(parent, stat.S_IRWXU) > + if self.allow_reuse_address and os.path.exists(addr): > os.unlink(addr) > - except OSError, exc: > - pass > + else: > + os.makedirs(parent, stat.S_IRWXU) > TCPXMLRPCServer.__init__(self, addr, UnixXMLRPCRequestHandler, > logRequests) > diff -r 601d0229a40e -r 53ded2201b7f tools/python/xen/xend/XendClient.py > --- a/tools/python/xen/xend/XendClient.py Thu Mar 30 23:10:54 2006 > +++ b/tools/python/xen/xend/XendClient.py Thu Mar 30 23:13:33 2006 > @@ -19,10 +19,10 @@ > > from xen.util.xmlrpclib2 import ServerProxy > > -XML_RPC_SOCKET = "/var/run/xend-xmlrpc.sock" > +XML_RPC_SOCKET = "/var/run/xend/xmlrpc.sock" > > ERROR_INTERNAL = 1 > ERROR_GENERIC = 2 > ERROR_INVALID_DOMAIN = 3 > > -server = ServerProxy(''httpu:///var/run/xend-xmlrpc.sock'') > +server = ServerProxy(''httpu:///var/run/xend/xmlrpc.sock'') > > _______________________________________________ > Xen-changelog mailing list > Xen-changelog@lists.xensource.com > http://lists.xensource.com/xen-changelog >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Ewan Mellor
2006-Mar-31 15:48 UTC
[Xen-devel] Re: [Xen-changelog] Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
On Fri, Mar 31, 2006 at 08:36:45AM -0600, Anthony Liguori wrote:> Did you see this failure after changing the socket location to > /var/run/xend/xml-rpc.sock? The only way the permissions of > /var/run/xend-xmlrpc.sock should be non-root is if /var/run has non root > permissions. Was that the case?We were seeing the failure intermittently, even when the socket was in /var/run. According to unix(7), on Linux, "sockets honour the permissions of the directory they are in", so it seems to me to be safest to have our own dedicated directory, so that we can guarantee the permissions on that are correct. Ewan. _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Anthony Liguori
2006-Mar-31 15:49 UTC
[Xen-devel] Re: [Xen-changelog] Set the permissions correctly on the XML-RPC UDP socket, so that non-root users
Ewan Mellor wrote:> On Fri, Mar 31, 2006 at 08:36:45AM -0600, Anthony Liguori wrote: > > >> Did you see this failure after changing the socket location to >> /var/run/xend/xml-rpc.sock? The only way the permissions of >> /var/run/xend-xmlrpc.sock should be non-root is if /var/run has non root >> permissions. Was that the case? >> > > We were seeing the failure intermittently, even when the socket was in > /var/run. >Interesting, that''s really good to know for the future. Thanks, Anthony Liguori> According to unix(7), on Linux, "sockets honour the permissions of the > directory they are in", so it seems to me to be safest to have our own > dedicated directory, so that we can guarantee the permissions on that are > correct. > > Ewan. >_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel