|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] Where does PyGrub run?
eva wrote: 1- if pygrub needs to mount the domU, why does it says this? http://wiki.xen.org/wiki/PyGrub "This means that reading the guest filesystem does not require mounting the filesystem" Read the sentence before that : "PyGrub accesses the guest filesystem using a userspace filesystem library ..." Ie, instead of mounting the image to copy the files, it uses a userspace library to access the filesystem. The difference is that if you just do a regular mount, then the filesystem is mounted by kernel level code in Dom0 - and there is a theoretic risk that if someone finds a vulnerability in that, they can use it to compromise Dom0 with a carefully crafted DomU filesystem. Using a userspace library means that while there's still a risk of compromising the system, they cannot "crash" it as they could be compromising kernel level code. -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |