[Pkg-xen-devel] Bug#596048: xen-utils-common: /etc/init.d/xendomains stop saves images world readable
Sascha Herrmann
sh-bugs at nvbi.de
Wed Sep 8 09:03:10 UTC 2010
Package: xen-utils-common
Version: 4.0.0-1
Severity: important
When xen domUs are saved by running /etc/init.d/xendomains stop the
memory images are saved world readable, so that every user on the
system can read the memory dumps. The default mode of /var/lib/xen/save is
755, vm images are saved with mode 755. At least the save directory shoudn't
be world readable.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-5-xen-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages xen-utils-common depends on:
ii gawk 1:3.1.7.dfsg-5 GNU awk, a pattern scanning and pr
ii lsb-base 3.2-23.1 Linux Standard Base 3.2 init scrip
ii udev 160-1 /dev/ and hotplug management daemo
ii xenstore-utils 4.0.1~rc6-1 Xenstore utilities for Xen
xen-utils-common recommends no packages.
xen-utils-common suggests no packages.
-- Configuration Files:
/etc/xen/xend-config.sxp changed [not included]
-- no debconf information
More information about the Pkg-xen-devel
mailing list