[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] domU kernel

On Sun, Oct 14, 2007 at 08:49:19PM -0400, IDAGroup - R.W.Muller wrote:
> Wow, if that is true then is CentOS making a big mistake.

Nah, they probably took the pros and cons into account and then made 
the same decision as suse did for SLES: put it all into the discfile.
Xen needs a bit more work than vmware, and this is a step to make the
handling of domUs simpler.

> Steve Wray wrote:
> >
> >You forgot the con.
> >
> >cons: Security. You now have a domU in which a local exploit could 
> >result in code being executed in dom0 at the next boot of that domU. 
> >By the way, this actually happened. See CVE-2007-4993
Right, its a con. Just couldnt think of at the time of writing ;)


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.