[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Exploiting XEN



On Tue, Mar 13, 2007 at 04:30:53PM +0100, Petersson, Mats wrote:
> > -----Original Message-----
> > From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
> > [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of 
> > Artur Baruchi
> > Sent: 13 March 2007 14:43
> > To: Xen-users@xxxxxxxxxxxxxxxxxxx
> > Subject: [Xen-users] Exploiting XEN
> > 
> > Hi guys,
> > 
> > Im making somes researchs about security in Virtual Machines, and does
> > anybody knows, if exists a exploit or a rootkit for Xen? I would like
> > to test it (if exist).
> 
> Please take this the right way... If we assume one does exist, would you
> send it to me, if I asked you? [particularly if my e-mail address was of
> an "anonymous" origin like gmail?] - how do I know that the purpose you
> are asking for is the purpose you are REALLY asking for, rather than for
> example that you know someone's machine is Xen-based and you want to
> break into it. This is a non-moderated mailing-list, anyone with an
> e-mail account anywhere in the world (more or less) can sign up. 
> 
> I personally am not aware of any "rootkit" that relates to Xen. 

And more to the point, if any of the Xen developers did know of a "rootkit"
you can be damn sure they'd be fixing whatever flaw made it possible, rather
than passing it around for people to try out. 

> The Xen hypervisor is fairly small, and thus relatively easy to
> understand and control against vulnerabilities. Since it's living
> "outside" the host-OS that it controls, it's potentially less vulnerable
> than those hypervisors that live within the host-OS. 

Nice in theory, but in practice you have to include Dom0 as (at this
time) it has effectively unrestricted access to the hardware and is
neccessarily trusted by every DomU that cards about disk or network 
I/O. While in theory Xen may allow a tighter security model, in the
real-world deployments of Xen there's no better security from its 
arch of hypervisor outside the Dom0 OS, vs other virt systems which
have the hypervisor as part of  the Dom0.

Dan.
-- 
|=- Red Hat, Engineering, Emerging Technologies, Boston.  +1 978 392 2496 -=|
|=-           Perl modules: http://search.cpan.org/~danberr/              -=|
|=-               Projects: http://freshmeat.net/~danielpb/               -=|
|=-  GnuPG: 7D3B9505   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505  -=| 

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.