This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
Home Products Support Community News


Re: [Xen-users] domU kernel

To: "IDAGroup - R.W.Muller" <robin@xxxxxxxxxxx>
Subject: Re: [Xen-users] domU kernel
From: Christian Horn <chorn@xxxxxxxxxxxx>
Date: Mon, 15 Oct 2007 14:49:00 +0200
Cc: xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Mon, 15 Oct 2007 05:49:43 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <4712B90F.8050103@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <470EF48A.5070601@xxxxxxxxxxx> <20071012045437.GA25878@xxxxxxxxxxxx> <4712B182.6050002@xxxxxxxxx> <4712B90F.8050103@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.13 (2006-08-11)
On Sun, Oct 14, 2007 at 08:49:19PM -0400, IDAGroup - R.W.Muller wrote:
> Wow, if that is true then is CentOS making a big mistake.

Nah, they probably took the pros and cons into account and then made 
the same decision as suse did for SLES: put it all into the discfile.
Xen needs a bit more work than vmware, and this is a step to make the
handling of domUs simpler.

> Steve Wray wrote:
> >
> >You forgot the con.
> >
> >cons: Security. You now have a domU in which a local exploit could 
> >result in code being executed in dom0 at the next boot of that domU. 
> >By the way, this actually happened. See CVE-2007-4993
Right, its a con. Just couldnt think of at the time of writing ;)


Xen-users mailing list

<Prev in Thread] Current Thread [Next in Thread>