Re: [Xen-users] Exploiting XEN
On Tue, 2007-03-13 at 11:42 -0300, Artur Baruchi wrote:
> Hi guys,
>
> I'm doing some research about security in Virtual Machines, and does
> anybody know if there exists an exploit or a rootkit for Xen? I would like
> to test it (if it exists).
>
> Thanks,
>
> Artur Baruchi

To my knowledge, no "special" hacks exist to allow underprivileged domains the ability to trick the hypervisor into doing undesirable things.

Depending on the diligence of whoever set up Xen, you may be able to do or find interesting things around the network, but this isn't Xen's fault. Likewise, Xen can't stop ill-experienced people from running a 3-year-old copy of phpbb on dom-0 itself.

I have seen some pretty wasted dom-0's, but this is due to hackers finding weaknesses in PHP scripts made to manage Xen using weak setuid wrappers to talk to xm, lvm and iptables. They got in through PHP, not Xen.

I have yet to see Xen perk its way into the discovery scripts hackers upload once they find a way to get code somewhere they can write. Nobody seems to be looking for Xen, parts of Xen or much less something that indicates the version of Xen is exploitable. If there was anything of interest, I'm sure hackers would be probing for it.

I don't look at *every* little thing I find in /tmp on every shared hosting server I manage, but I try to at least peek at most of it. The 'garbage' that 80K+ hosted domains leave lying around gives you a pretty acute bird's-eye view of the threats you need to be dealing with.

I agree with Mats, asking the way you did does kind of raise a few hairs. Many IAAS (Infrastructure As A Service) providers base some or all of their offerings around Xen's security. So do some governments. It's not like you just said "Oh, HI! JACK!" in an airport, but you came close.

I'm not going to say it's wrong to ask if such a thing exists, but clearly state your intentions for seeking it and don't use an anonymous e-mail address when making such inquiries.

Best,
--Tim