Bug 239863
Summary: | xen-http-server will not allow remote management; fails to bind to any port | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Paul Morgan <pmorgan> |
Component: | xen | Assignee: | Xen Maintainance List <xen-maint> |
Status: | CLOSED WONTFIX | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 4.0 | ||
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2007-05-17 18:04:07 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Paul Morgan
2007-05-11 19:26:40 UTC
We don't support use of the xen-http-server at all in RHEL, hence it is not allowed by the SELinux policy. XenD has *zero* authentication on its HTTP service, so turning on 'xen-http-server' is quite seriously the same as running a telnet server with no root password set. If you really want to let anyone own your machine, then as you documented above, semanage can be used. This is not something we will allow for out of the box |