|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Best way to use Xen to segment & protect
On Tue, Feb 17, 2009 at 01:29:29PM -0800, Rick Flower wrote: > Thanks for the info Nick... Regarding the root escalation mentioned > above -- have there been issues with this in the past? Yes I believe so http://secunia.com/advisories/26986/ > Also, I guess it would help to have the domU that Apache is using to > have tools such as Tripwire and other related tools to keep thing from > getting too far... Inside a domU you would want any protections you would have on any other server. > If you're in a domU, can you tell that it's a virtual server? If not > then perhap it's less likely to break out and escalate to dom0...? Yes if its a paravirtualized machine. > Is it possible to have a domU mount a different filesystem than dom0? > Sorry for the numerous questions... Not quite sure what you mean here. -- Nick Anderson <nick@xxxxxxxxxxxx> http://www.cmdln.org Attachment:
signature.asc _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |