[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] XCP/Xen security

I've never seen it happen, but according to the various security
bulletins that have come out on the xen kernels that come
from RedHat it can happen.
What I have done myself is by nasty I/O inside the domU to crash
not only the domU but panic the dom0 that is hosting it too.  I
think that is the bigger risk.

Much of this stuff if I understand correctly is due to
vulnerabilities in the virtual machines layer of the hardware itself.


On Tue, 16 Mar 2010, Vern Burke wrote:

Greetings all:
  Just a general question for the group at large. I find myself in the position of 
fighting a lot of vague "cloud security issues".

The question is, has anyone ever seen a VM break into the Xen hypervisor layer 
and presumably break into another VM? I'm not talking about an external attack 
on the Dom0, I'm talking about an internal attack through the DomU's connection 
to the hypervisor.

Sent from my BlackBerry® wireless device from U.S. Cellular

Steven C. Timm, Ph.D  (630) 840-8525
timm@xxxxxxxx  http://home.fnal.gov/~timm/
Fermilab Computing Division, Scientific Computing Facilities,
Grid Facilities Department, FermiGrid Services Group, Assistant Group Leader.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.