Changes between Version 3 and Version 4 of Qrexec


Ignore:
Timestamp:
Aug 30, 2011 1:43:49 PM (22 months ago)
Author:
rafal
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • Qrexec

    v3 v4  
    5151By default, stderr of client and server is logged to respective /var/log/qubes/qrexec.XID files. 
    5252 
     53 
     54Be very careful when coding and adding a new rpc service. Unless the offered functionality equals full control over the target (it is the case with e.g. qubes.VMShell action), any vulnerability in a rpc server can be fatal to qubes security. On the other hand, this mechanism allows to delegate processing of untrusted input to less privileged (or throwaway) AppVMs, thus wise usage of it increases security.  
     55 
    5356=== Qubes RPC example === 
    5457We will show the necessary files to create rpc call that adds two integers on the target and returns back the result to the invoker.