WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-users

Re: [Xen-users] Xen binary distrib's kernel as domU kernel

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Xen binary distrib's kernel as domU kernel
From: "Ulrich Windl" <ulrich.windl@xxxxxxxxxxxxxxxxxxxx>
Date: Thu, 11 Jan 2007 08:26:47 +0100
Delivery-date: Wed, 10 Jan 2007 23:27:23 -0800
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <1168457001.4698.6.camel@localhost>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Universitaet Regensburg, Klinikum
Priority: normal
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx

On 10 Jan 2007 at 20:23, Sipos Ferenc wrote:

> Hi All,
> 
> just a quicky. Is it a security breach (by any means) if I run the
> official XenSource e.g. vmlinuz-2.6-xen kernel as my domU kernel? I

AFAIK, openSUSE (SLES10) uses the very same kernel to boot Dom0 and DomUs. It's
convenient if you think about kernel updates and kernel security fixes. However,
each DomU has its own copy of the kernel that's used to boot the DomU.

Never had an unsafe feeling with that.

Ulrich


> mean, this has the 'Privilege domain' option compiled in (as the very
> same one runs under the dom0 itself) as well as the {net,block}-backend
> drivers?
> 
> I'm using it in a potentially malicious environment (VPS hosting) and I
> want to make sure no one can tamper with system from a domU the way that
> is not desirable.
> 
> Thanks for your time in advance,
> Frank
> 
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users


