Xen project Mailing List

Re: [Xen-devel] Guest to Host communication

To: Ian Campbell <Ian.Campbell@xxxxxxxxxx>

From: "Jose A. Lopes" <jabolopes@xxxxxxxxxx>

Date: Mon, 4 Nov 2013 11:51:45 +0100

Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Paul Durrant <Paul.Durrant@xxxxxxxxxx>

Delivery-date: Mon, 04 Nov 2013 12:45:34 +0000

List-id: Xen developer discussion <xen-devel.lists.xen.org>

Hi, Thanks, we'll have a look at that. Regards, Jose On Thu, Oct 31, 2013 at 08:02:29PM +0000, Ian Campbell wrote: > On Thu, 2013-10-31 at 19:42 +0100, Jose A. Lopes wrote: > > > When you say "look inside" the filesystem do you mean to mount that > > filesystem > > in the host OS? If so, it seems that it is very dangerous to mount > > guest filesystems > > due to a number of exploits. > > If you only need r/o access from the host then you could use > tools/libfsimage (which has python binding, used by pygrub) which at > least constrains things to a userspace process and not a kernel mode > exploit. With suitable privilege dropping this can be made reasonably > safe... > > Ian. > > -- Jose Antonio Lopes Ganeti Engineering Google Germany GmbH Dienerstr. 12, 80331, München Registergericht und -nummer: Hamburg, HRB 86891 Sitz der Gesellschaft: Hamburg Geschäftsführer: Graham Law, Christine Elizabeth Flores Steuernummer: 48/725/00206 Umsatzsteueridentifikationsnummer: DE813741370 _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.