WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
xen-users

Re: [Xen-users] domU kernel

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] domU kernel
From: Steve Wray <steve.wray@xxxxxxxxx>
Date: Tue, 16 Oct 2007 07:58:02 +1300
Delivery-date: Mon, 15 Oct 2007 11:58:50 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <47130C53.5060907@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <470EF48A.5070601@xxxxxxxxxxx> <20071012045437.GA25878@xxxxxxxxxxxx> <4712B182.6050002@xxxxxxxxx> <47130C53.5060907@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.6 (Macintosh/20070728)
Nico Kadel-Garcia wrote:
> Steve Wray wrote:
>> Christian Horn wrote:
>>> On Fri, Oct 12, 2007 at 12:14:02AM -0400, IDAGroup - R.W.Muller wrote:
>>>> Hi, I found lots of threads where people talk about domU kernel sitting in /boot of dom0.
>>> [snip]
>>>
>>> cons: Security. You now have a domU in which a local exploit could result in code being executed in dom0 at the next boot of that domU. By the way, this actually happened. See CVE-2007-4993.
>>
>> IMHO putting the kernel in domU and using pygrub was always asking for trouble.
>>
>> In my opinion it is completely crazy to expose dom0 to potential exploits from domU.
>>
>> So far as I am aware this is the *only* way to so expose dom0 to domU security holes and I am deeply shocked if it is true that "One sees mostly this nowadays".
>
> There's a big advantage to pygrub: kernel update procedures for DomU have nothing to do with Dom0's kernel. This prevents version and feature conflicts with package management systems, and allows updates and reboots of DomU without having to write to Dom0. This was particularly


I don't believe that the convenience of this outweighs the undeniable security implications.


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
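As an added example (not code from this thread or from the Xen project), a small audit script in the defender's direction of the discussion above: it reads xm-style domU config files and reports which domains boot through pygrub, where dom0 parses guest-controlled boot data, versus a kernel and ramdisk kept under dom0's control. The domain names, paths and config contents are constructed for the example.

```python
"""Audit helper (added example): flag Xen domU configs that boot via pygrub.

Xm-style domain config files are Python assignments, so the ast module can
read them without executing anything. The sample configs below are
constructed for this example, not taken from the thread.
"""
import ast

# Constructed sample configs (hypothetical domains, not real files).
SAMPLE_CONFIGS = {
    "web01.cfg": '''
name = "web01"
bootloader = "/usr/bin/pygrub"
disk = ["phy:/dev/vg0/web01,xvda,w"]
memory = 512
''',
    "db01.cfg": '''
name = "db01"
kernel = "/boot/vmlinuz-2.6.18-xen"
ramdisk = "/boot/initrd-2.6.18-xen.img"
disk = ["phy:/dev/vg0/db01,xvda,w"]
memory = 1024
''',
}

def parse_xm_config(text):
    """Return the simple `name = literal` assignments of an xm config."""
    settings = {}
    for node in ast.parse(text).body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            try:
                settings[node.targets[0].id] = ast.literal_eval(node.value)
            except ValueError:
                pass  # non-literal expression; not needed for this audit
    return settings

def boot_source(settings):
    """'pygrub' if dom0 will parse the guest's own boot config at start-up
    (the exposure the thread discusses, cf. CVE-2007-4993); 'dom0' if the
    kernel/ramdisk are files dom0 controls; 'unknown' otherwise."""
    if str(settings.get("bootloader", "")).endswith("pygrub"):
        return "pygrub"
    if "kernel" in settings:
        return "dom0"
    return "unknown"

def audit(configs):
    """Map each config file name to where its kernel comes from."""
    return {name: boot_source(parse_xm_config(text)) for name, text in configs.items()}
```

Run `audit(SAMPLE_CONFIGS)` to get the per-domain classification; pointing `parse_xm_config` at the contents of real `/etc/xen/*.cfg` files gives the same report for a live dom0.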
