|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Re: Users can provide their own kernels?
Mark Williamson wrote: In Xen, the guest kernel has no part in enforcing interdomain security - Xendoes that. Simply by running a kernel in a domU, it is unprivileged. Kernels running in a domU never have any special privileges unless you explicitly grant them from dom0. This is unlike UML / vservers, where a compromise of the VM's kernel can allow a user to "escape". The only reason we provide a separate xenU kernel is because it's a bitsmaller than the xen0 kernel. The guest bootloader takes advantage of thissupport to allow users to compile their own guest kernels and select them themselves. So it's safe, don't worry ;-) What about guest kernels not built with ARCH=xen? Would they just crash? Best Regards,Michael Paesold _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |