|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Module loading in unpriveledged domains
> Ian Pratt wrote: > >>Is there any security risk in enabling loadable module support in the linux > >>kernel used for the unpriveledged domains? I ask this question in the > >>context of > >>a virtual private server hosting provider. > > > > There shouldn't be any security risk at all -- Xen should provide > > all the isolation you need (modulo any bugs). > > So the answer to the original question is, "yes, enabling loadable module > support will increase your exposure to security risks due to any weaknesses > in Xen's isolation." Xen hasn't had particularly extensive security review > yet. I don't think that preventing loadable module support is going to buy you anything. If your users have root they can write to the domain's memory image and hence in practice do anything that they could if they had kernel modules. Xen has been designed to provide secure isolation between guests. It has undergone code review by a bunch of different people. It may have security bugs, but at least they're relatively obscure... Ian ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://productguide.itmanagersjournal.com/ _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |