|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-devel] Re: Unofficial Xen 2.0 debian packages kinda broken
Adam Heath wrote: > Do you really want to allow your virtualized users to be able to > change the kernel? Yes. In some cases. There are cases where strict separation is not an issue, where granting priviledges does not really matter. And even where strict separation is an issue, with Xen there shouldn't be any problem, should there? I mean, with UML obviously if the kernel is compromised, it can access everything the binary can on the host - and needs to be restricted there somehow. And if compromising the kernel shouldn't be possible, it gives quite a bit of restrictions on the guest side - like no modules allowed and so. But with Xen, the separation is on a lower layer, and there should be no problem allowing custom built kernels with custom patches or binary modules or whatnot. But in any case, it is simply a choice there. -- Naked ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |