WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

RE: [Xen-users] Re: Exploiting XEN

from [Kraska, Joe A \(US SSA\)]

[Permanent Link][Original]

Subject:	RE: [Xen-users] Re: Exploiting XEN
From:	"Kraska, Joe A \(US SSA\)" <joe.kraska@xxxxxxxxxxxxxx>
Date:	Thu, 15 Mar 2007 12:42:50 -0700
Cc:	Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Thu, 15 Mar 2007 12:41:56 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<20070313154326.GB24377@xxxxxxxxxx><907625E08839C4409CE5768403633E0B018E1A6D@xxxxxxxxxxxxxxxxx> <45F990E9.4020303@xxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcdnMD5rqF49dHt7SSOGsC+f2oh+agACaz4Q
Thread-topic:	[Xen-users] Re: Exploiting XEN

> > I guess that's a fair comment too. Dom0 is a large part of a Xen
> > environment, and if Dom0 is compromised, then Xen can't really do
that
> > much to prevent the system from being crashed, subverted or other
> > malicious acts. But I believe Xen itself is "safe" from Dom0 being
> > compromised
> 
> It's not.  Dom0 (or any IO domain) has direct access to DMA
controllers.
>   It can use DMA to overwrite the hypervisor's memory with arbitrary
data.

I believe he was saying that dom0 was "safe" from an attempt to
compromise
originating out of a domU. No domU can be safe from dom0. That should be
understood.

Joe.



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] Exploiting XEN, Artur Baruchi RE: [Xen-users] Exploiting XEN, Petersson, Mats Re: [Xen-users] Exploiting XEN, Daniel P. Berrange RE: [Xen-users] Exploiting XEN, Petersson, Mats Re: [Xen-users] Exploiting XEN, Mark Williamson [Xen-users] Re: Exploiting XEN, Anthony Liguori RE: [Xen-users] Re: Exploiting XEN, Kraska, Joe A \(US SSA\) <= RE: [Xen-users] Re: Exploiting XEN, Tim Post RE: [Xen-users] Re: Exploiting XEN, Kraska, Joe A \(US SSA\) RE: [Xen-users] Re: Exploiting XEN, Tim Post [Xen-users] Re: Re: Exploiting XEN, Michelle Konzack RE: [Xen-users] Re: Re: Exploiting XEN, Petersson, Mats RE: [Xen-users] Re: Re: Exploiting XEN, Kraska, Joe A \(US SSA\) RE: [Xen-users] Re: Re: Exploiting XEN, Kraska, Joe A \(US SSA\) Re: [Xen-users] Exploiting XEN, Tim Post

Previous by Date:	Re: [Xen-users] xen hotplug scripts not working, Tim Post
Next by Date:	[Xen-users] Bridge networking needs proxy ARP?, Russell Robinson
Previous by Thread:	[Xen-users] Re: Exploiting XEN, Anthony Liguori
Next by Thread:	RE: [Xen-users] Re: Exploiting XEN, Tim Post
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix