|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Xen Security
On 20 Jan 2005, at 11:00, Neugebauer, Rolf wrote: -----Original Message----- From: xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx [mailto:xen-devel- admin@xxxxxxxxxxxxxxxxxxxxx] On Behalf Of Phillip Mumford Sent: 19 January 2005 14:39 To: xen-devel@xxxxxxxxxxxxxxxxxxxxx Subject: [Xen-devel] Xen Security Just a quick question regarding the security of a Xen host. Are there any security implications I need to be aware of if I allow a Xen-U host to use kernel modules? I've mainly used UML in past, where a user could easily read files on the host machines filesystem. Is it safe to allow people to run with modules allowed?Xen provides stronger isolation than UML and kernel modules in a VM should only be able to compromise the resources that that VM has access to (eg its filespace) but not other VMs But to further prevent security issues inside that domain, disable if you can modules and, to some extent, sysctl support. ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |