WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-users] Xen Security

from [Jonathan Tripathy] [Permanent Link][Original]
To: "Fajar A. Nugraha" <fajar@xxxxxxxxx>, <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Xen Security
From: "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
Date: Fri, 16 Jul 2010 11:55:55 +0100
Cc:
Delivery-date: Fri, 16 Jul 2010 04:00:39 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4C3F905E.9030100@xxxxxxxxxxx><201007161203.10272.bart.coninckx@xxxxxxxxxx><46C13AA90DB8844DAB79680243857F0F0AFDBC@xxxxxxxxxxxxxxxxxxx><201007161221.02660.bart.coninckx@xxxxxxxxxx><46C13AA90DB8844DAB79680243857F0F0AFDBD@xxxxxxxxxxxxxxxxxxx> <AANLkTim68C-r3pP95IER8YgCMv-Ea0z_iV9L_BkIx_1D@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acsk09z4tG0XFHNjSzS4EbycMrp95gAAZpMh
Thread-topic: [Xen-users] Xen Security


 

On Fri, Jul 16, 2010 at 5:27 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:
> Do people on this list generally trust Xen with their private data, mixed
> with public VMs? The folks over at Slicehost, Amazon etc.. seem to...

"mixed" as in having an "intranet only" VM and a "public facing" VM in
the same dom0 box? Yes.

Anyway, like Bart mentioned, "seclusion is created by software. In
theory it is the same thing as physical seclusion, until the software
fails or is compromised." IMHO the risk is no bigger than (say) having
a L2 switch separate public and private network with vlans. There are
some risk involved, and you have to decide whether you can accept it
or not.

--
Fajar

--------------------------------------------------------------------------------------------------------------
 
I think this sums it up pretty well! We could even go as far as saying that the firewall which seperates our DMZ/LAN could have unknown flaws. Anyway, I'm sure if something show-stopping comes up, I'm guessing this list will be the first to hear about it!
 
Bart, good point on the liability issue.
 
Does Xen 4.0 have any security fixes compared to 3.4.2? Or is 4.0 more about features (which could potentially create more holes)?
 
Cheers
 
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] Xen Security, Fajar A. Nugraha
Next by Date:  Re: [Xen-users] Troubleshooting Xen 4.0 + 2.6.32.16 pv_ops install, Peter Braun
Previous by Thread:  Re: [Xen-users] Xen Security, Fajar A. Nugraha
Next by Thread:  Re: [Xen-users] Xen Security, ABPNI
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy