This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-devel] Module loading in unpriveledged domains

To: Scott Mohekey <smohekey@xxxxxxxxxxxxxxxx>
Subject: Re: [Xen-devel] Module loading in unpriveledged domains
From: Ian Pratt <Ian.Pratt@xxxxxxxxxxxx>
Date: Mon, 22 Nov 2004 08:32:15 +0000
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx, Ian.Pratt@xxxxxxxxxxxx
Delivery-date: Mon, 22 Nov 2004 08:41:03 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
In-reply-to: Your message of "Mon, 22 Nov 2004 07:44:52 GMT." <loom.20041122T084315-239@xxxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
> Is there any security risk in enabling loadable module support in the linux
> kernel used for the unpriveledged domains? I ask this question in the context 
> of
> a virtual private server hosting provider.

There shouldn't be any security risk at all -- Xen should provide
all the isolation you need (modulo any bugs).


SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now. 
Xen-devel mailing list