[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] XCP/Xen security
The ability of a misbehaved DomU to crash the Dom0 isn't a pretty idea, but I can't imagine it would expose unauthorised user data, which seems to be what the big worry is about. Vern ------Original Message------ From: Steven Timm To: Vern Burke Cc: xen-users@xxxxxxxxxxxxxxxxxxx Subject: Re: [Xen-users] XCP/Xen security Sent: Mar 15, 2010 21:40 I've never seen it happen, but according to the various security bulletins that have come out on the xen kernels that come from RedHat it can happen. What I have done myself is by nasty I/O inside the domU to crash not only the domU but panic the dom0 that is hosting it too. I think that is the bigger risk. Much of this stuff if I understand correctly is due to vulnerabilities in the virtual machines layer of the hardware itself. Steve On Tue, 16 Mar 2010, Vern Burke wrote: > Greetings all: > Just a general question for the group at large. I find myself in the > position of fighting a lot of vague "cloud security issues". > > The question is, has anyone ever seen a VM break into the Xen hypervisor > layer and presumably break into another VM? I'm not talking about an external > attack on the Dom0, I'm talking about an internal attack through the DomU's > connection to the hypervisor. > > Vern > Sent from my BlackBerry® wireless device from U.S. Cellular > -- ------------------------------------------------------------------ Steven C. Timm, Ph.D (630) 840-8525 timm@xxxxxxxx http://home.fnal.gov/~timm/ Fermilab Computing Division, Scientific Computing Facilities, Grid Facilities Department, FermiGrid Services Group, Assistant Group Leader. Sent from my BlackBerry® wireless device from U.S. Cellular _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |