[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users



On Fri, 2005-03-04 at 13:35, Adam Heath wrote:

> Once the xen packages are accepted out of debian's incoming queue, I can be
> assured of having this bug filed, and it being tagged security.  It *is* a
> problem.  Saying it wasn't designed with this in mind doesn't make it a
> non-issue.

I'm not saying it's a non-issue :-)  It's one of the reasons I'm working
on VM-Tools.  Security is not something you can just retro-fit into
something.  It has to be designed in from the beginning.

That said, I don't think Xend not being secure on a hostile dom0 is a
bug per-say.  Really, having a hostile dom0 is putting an awful lot of
faith in the Linux syscall interface.

Remember, dom0 is a single point of failure.  If dom0 is compromised,
all of your VMs are.

We debated this previously with respect to boot loaders.  At the end of
the day, you just don't want any code running, no matter how restricted,
in dom0 that you don't trust.

Regards,

-- 
Anthony Liguori
Linux Technology Center (LTC) - IBM Austin
E-mail: aliguori@xxxxxxxxxx
Phone: (512) 838-1208




-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.