WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-users

[Top] [All Lists]

RE: [Xen-users] If a DomU was compramised..

from [James Harper]

[Permanent Link][Original]

To:	"Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>, <Xen-users@xxxxxxxxxxxxxxxxxxx>
Subject:	RE: [Xen-users] If a DomU was compramised..
From:	"James Harper" <james.harper@xxxxxxxxxxxxxxxx>
Date:	Thu, 20 May 2010 22:23:53 +1000
Cc:
Delivery-date:	Thu, 20 May 2010 05:27:20 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to:	<46C13AA90DB8844DAB79680243857F0F061FD0@xxxxxxxxxxxxxxxxxxx>
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<46C13AA90DB8844DAB79680243857F0F061FD0@xxxxxxxxxxxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	Acr4FZ78j8DEJe8XQfuONuMiTQYJSQAANMNA
Thread-topic:	[Xen-users] If a DomU was compramised..

> 
> If a DomU was compramised, could the Dom0 or other DomUs be
compramised?
> 
> I guess I'm trying to work out how much isolated Xen gives..
> 

Not by design, but there is always the possibility that an errant DomU
could exploit a bug and compromise the hypervisor or Dom0 that way.

But depending on what your DomU does, it may be trusted by other servers
on your network so it's obviously never a good thing, but that's not
really anything to do with Xen.

In writing PV drivers for Windows I have caused complete system crashes
before, which means it is (or at least was) possible to crash the whole
system from a DomU. That was over a year ago and I never followed up
exactly what caused the problem other than to fix the bug in my driver.

I'd be interested to hear about what sort of analysis has been done on
this subject... do any papers exist?

James


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] If a DomU was compramised.., Jonathan Tripathy RE: [Xen-users] If a DomU was compramised.., James Harper <= [Xen-users] RE: If a DomU was compramised.., Matej Zary RE: [Xen-users] RE: If a DomU was compramised.., Jonathan Tripathy Message not available RE: [Xen-users] RE: If a DomU was compramised.., Jonathan Tripathy RE: [Xen-users] RE: If a DomU was compramised.., Matthew Law RE: [Xen-users] RE: If a DomU was compramised.., Jonathan Tripathy Re: [Xen-users] RE: If a DomU was compramised.., Vern Burke Message not available Re: [Xen-users] RE: If a DomU was compramised.., Matthew Law RE: [Xen-users] RE: If a DomU was compramised.., Jeff Sturm Re: [Xen-users] RE: If a DomU was compramised.., Steve Spencer Re: [Xen-users] RE: If a DomU was compramised.., ABPNI

Previous by Date:	Re: [Xen-users] Openvswitch, Nick Couchman
Next by Date:	[Xen-users] RE: If a DomU was compramised.., Matej Zary
Previous by Thread:	[Xen-users] If a DomU was compramised.., Jonathan Tripathy
Next by Thread:	[Xen-users] RE: If a DomU was compramised.., Matej Zary
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix