|
|
|
|
|
|
|
|
|
|
xen-devel
Re: [Xen-devel] severe security issue on dom0/xend/xm/non-root users
On Fri, 2005-03-04 at 13:35, Adam Heath wrote:
> Once the xen packages are accepted out of debian's incoming queue, I can be
> assured of having this bug filed, and it being tagged security. It *is* a
> problem. Saying it wasn't designed with this in mind doesn't make it a
> non-issue.
I'm not saying it's a non-issue :-) It's one of the reasons I'm working
on VM-Tools. Security is not something you can just retro-fit into
something. It has to be designed in from the beginning.
That said, I don't think Xend not being secure on a hostile dom0 is a
bug per-say. Really, having a hostile dom0 is putting an awful lot of
faith in the Linux syscall interface.
Remember, dom0 is a single point of failure. If dom0 is compromised,
all of your VMs are.
We debated this previously with respect to boot loaders. At the end of
the day, you just don't want any code running, no matter how restricted,
in dom0 that you don't trust.
Regards,
--
Anthony Liguori
Linux Technology Center (LTC) - IBM Austin
E-mail: aliguori@xxxxxxxxxx
Phone: (512) 838-1208
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel
|
|
|
|
|