WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders

from [Jacob Gorm Hansen] [Permanent Link][Original]
To: Anthony Liguori <anthony@xxxxxxxxxxxxx>
Subject: Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)
From: Jacob Gorm Hansen <jacobg@xxxxxxx>
Date: Thu, 03 Feb 2005 19:56:29 -0800
Cc: xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date: Fri, 04 Feb 2005 03:56:52 +0000
Envelope-to: xen+James.Bulpin@xxxxxxxxxxxx
In-reply-to: <4202ED53.70802@xxxxxxxxxxxxx>
List-archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id: List for Xen developers <xen-devel.lists.sourceforge.net>
List-post: <mailto:xen-devel@lists.sourceforge.net>
List-subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
References: <A95E2296287EAD4EB592B5DEEFCE0E9D1236E4@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <4202CB48.2040704@xxxxxxx> <4202DB0F.1050102@xxxxxxxxxxxxx> <4202E915.4030100@xxxxxxx> <4202ED53.70802@xxxxxxxxxxxxx>
Sender: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla Thunderbird 1.0 (X11/20050116) 
Anthony Liguori wrote:

Jacob Gorm Hansen wrote:


Anthony Liguori wrote:

If we trust Linux to enforce security, we do not need Xen at all ;-)
The current architecture of Xen requires that we trust whatever is running in Domain-0. The problems being cited wouldn't be a problem if you could create domains from unpriviledged Domains because you could have creator Domains who could be created from a trusted source and used as a buffer against attack.
If you start having domains that can create other domains, IPC, shared memory between domains, all that, you have essentially turned Xen into a microkernel, and you start having all sorts of funny issues like access control, domain ownership, QoS crosstalk and whatnot. And in ten years from now someone will have to invent a new VMM layer to put below Xen only to get another fresh start. I am sure the original UNIX also seemed elegant at first, in the days when it didn't have 250+ different syscalls... 

Jacob


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Anthony Liguori
Next by Date:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Jacob Gorm Hansen
Previous by Thread:  Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0), Anthony Liguori
Next by Thread:  [Xen-devel] General questions on IA64 porting, Philippe Berthault
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy