WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/

Home

xen-devel

[Top] [All Lists]

[Xen-devel] Security Implications of letting customers use their own ker

from [Jonathan Tripathy]

[Permanent Link][Original]

To:	Xen-devel@xxxxxxxxxxxxxxxxxxx
Subject:	[Xen-devel] Security Implications of letting customers use their own kernel
From:	Jonathan Tripathy <jonnyt@xxxxxxxxxxx>
Date:	Wed, 15 Dec 2010 12:26:28 +0000
Cc:
Delivery-date:	Wed, 15 Dec 2010 04:27:06 -0800
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id:	Xen developer discussion <xen-devel.lists.xensource.com>
List-post:	<mailto:xen-devel@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender:	xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.12) Gecko/20101027 Thunderbird/3.1.6

Hi Everyone,

What are the security implications of letting customers install theirown kernel?

In my own research, I have only seen things that would compromise theirown DomU. My main area on concern is to protect all the other DomUs.

An area of potential concern is if someone were to build a kernel thatenabled "No Execute" or "Disable Execution", could that compromise otherDomUs? Or would that just leave their DomU vulnerable to runningmalicious code?

Anyone aware of anything else?

Thanks

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] Security Implications of letting customers use their own kernel, Jonathan Tripathy <= RE: [Xen-devel] Security Implications of letting customers use theirown kernel, James Harper Re: [Xen-devel] Security Implications of letting customers use theirown kernel, George Dunlap Re: [Xen-devel] Security Implications of letting customers use theirown kernel, Jonathan Tripathy [Xen-devel] Re: Security Implications of letting customers use theirown kernel, Paolo Bonzini

Previous by Date:	Re: [Xen-devel] [PATCH][TOOLS] libxl: open code basename(), Juergen Gross
Next by Date:	Re: [Xen-devel] [PATCH] svm: support VMCB cleanbits, Christoph Egger
Previous by Thread:	[Xen-devel] [PATCH][TOOLS] libxl: open code basename(), Christoph Egger
Next by Thread:	RE: [Xen-devel] Security Implications of letting customers use theirown kernel, James Harper
Indexes:	[Date] [Thread] [Top] [All Lists]

This site is hosted by Citrix