[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] Where does PyGrub run?

On 25 April 2012 20:27, Simon Hobson <linux@xxxxxxxxxxxxxxxx> wrote:
> eva wrote:
>> 1- if pygrub needs to mount the domU, why does it says this?
>> http://wiki.xen.org/wiki/PyGrub
>> "This means that reading the guest filesystem does not require
>> mounting the filesystem"
> Read the sentence before that : "PyGrub accesses the guest filesystem using a 
> userspace filesystem library ..."
> Ie, instead of mounting the image to copy the files, it uses a userspace 
> library to access the filesystem. The difference is that if you just do a 
> regular mount, then the filesystem is mounted by kernel level code in Dom0 - 
> and there is a theoretic risk that if someone finds a vulnerability in that, 
> they can use it to compromise Dom0 with a carefully crafted DomU filesystem. 
> Using a userspace library means that while there's still a risk of 
> compromising the system, they cannot "crash" it as they could be compromising 
> kernel level code.

Hello Simon,

Thanks for answering. I read that part, but afterwards I read the link
that Luke posted that says:

"The problem with PyGRUB is that while it’s a good simulation of a
bootloader, it has to mount the domU partition"


..hence my confusion.

Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.