|
|
|
|
|
|
|
|
|
|
xen-users
Re: [Xen-users] Re: Access Hypervisor Control from DomU
Am Donnerstag, den 30.03.2006, 08:08 -0500 schrieb Sean Dague:
> On Thu, Mar 30, 2006 at 07:43:47AM +0200, Stephan Seitz wrote:
[...]
> > My question, is it possible to investigate this behaviour (and
> > ideally, xm destroy / create) from one of the live domU's ? I know,
> > this would be a security issue, but is there _any_ access back to the
> > dom0 like the xm console from dom0 to domU's ?
>
> For exactly the reasons you stated (security), the answer is no.
I remember reading that the only real difference between a dom0 and a
domU kernel is the priviledge to have access to the hypervisor. Why not
declaring a special domU to a "fallback" dom0? Not in the sense of
having access to hw but control over the hypervisor.
That would help if the original dom0 userland dies, but it's kernel
keeps forwarding/bridging packets and blockdevice-I/O, like Stephan's
dom0 did.
/nils.
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
|
|