WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] How secure is Dom0 from DomU

from [thewird] [Permanent Link][Original]
To: Thomas King <tking@xxxxxxxxxx>
Subject: Re: [Xen-users] How secure is Dom0 from DomU
From: thewird <thewird@xxxxxxxxx>
Date: Wed, 25 Jul 2007 08:39:39 -0400 (EDT)
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Wed, 25 Jul 2007 05:37:25 -0700
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=3Ga4iGdC3gd4MSwyc4LmyJrgN2Zvrg0eIvGeiEuYNDFkoAcFEdZVAUJxVCQ/9bzuJI6clnqjXP/msV5NAr7PyfOydFBGN+Ygrm717fa3aXxP04jymDacnnkHizZFWxFa1DJQXjglDOx68BlZQ47canH8gApefvq8fhD2+wNRHmQ=;
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <OF6D0D52D9.6BF42E16-ON85257323.0043C298-85257323.00453A94@xxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Reply-to: thewird@xxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
The DomU is an independent environment and cannot access other DomU's
or  the Dom0 regardless of the privaledges.

Marco Jorge

--- Thomas King <tking@xxxxxxxxxx> wrote:

> Hi,
> 
> I would like to understand the security implications between Dom0 and
> 
> DomU. 
> 
> Dom0 = openSUSE 10.2
> DomU = openSUSE 10.2 (paravirtualization)
> DomU = openSUSE 10.2 (full virtualization)
> DomU = WindowsXP (full virtualization)
> 
> If I must give out the DomU root (administrator) passwords, how
> secure is 
> the Dom0? Is there a difference in the security between Full and Para
> 
> virtualization? Can wrapping this in something like AppArmour resolve
> some 
> of the security issues (if there are any?) 
> 
> Thanks
> Thomas> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-users] How secure is Dom0 from DomU, Thomas King
Next by Date:  [Xen-users] Compile error, Ian Tobin
Previous by Thread:  [Xen-users] How secure is Dom0 from DomU, Thomas King
Next by Thread:  RE: [Xen-users] How secure is Dom0 from DomU, James Harper
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy