[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] protection against a domu assigning a uuid to block device

I noticed on a Debian Dom0 I built recently that it mounted some volumes by 
uuid. That devices in question were aka /dev/sdaX, so mounting by uuid seems 
like the sensible thing to do, but what would happen if that uuid became known 
to a malicious domu and it wrote the same uuid to its own lvm volume?

How does Linux cope with multiple uuid's? would it be possible that a volume 
mounted by uuid have the malicious domu's lvm volume mounted instead, assuming 
these volumes are all available at boot time?

Ditto for labels too I guess, and even more so as these are more easily 
guessable (I've used root, var, and usr as labels before)



Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.