[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [MirageOS-devel] TLS on Xen write-up
On Wed, Jan 21, 2015 at 11:07 AM, Thomas Leonard <talex5@xxxxxxxxx> wrote: I've now got my file queue REST service working with TLS on Very interesting post! Regarding checking that your components aren't 'accidentally' accessing the raw block device: I'm sure you're right that linking the unikernel for Unix would smoke out any references to the raw Xen blkfront. It might get a bit harder in future when blkfront itself has been functorised and can be linked anywhere, but perhaps this is where a bit of dead code analysis comes in -- we already want to remove unused functions to shrink binary size but perhaps we could check that certain functions/modules/functors have been removed to prove a security property? Cheers, Dave I think it would be useful to provide some standard advice to people
Dave Scott
_______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |