Infact, to go into a little detail while I think Xen is very
secure:
I've been reading a lot of papers and slides from InvisibleThings.
They present a lot of way you can "own" Xen. All of their exploits require root
access to the Dom0. And the couple of exploits that they describe to breaking
out of DomU in the Dom0 have been patched, so I'm pretty convinced that as long
as you keep the Dom0 safe, you're good.
Honestly though, why bother with exploits when you have access to
Dom0??
Cheers
All I'm doing, is asking on the mailing list about the security
aspects of Xen. I am aware that bugs will always exsist, however I need to make
sure that Xen isn't in a "broken" state regarding Domain isolation. Sounds to me
as if it's pretty secure :)
From: chris
[mailto:tknchris@xxxxxxxxx]
Sent: Fri 16/07/2010 14:35
To:
Jonathan Tripathy
Cc: Vern Burke;
Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] Xen
Security
All technical aspects aside, if something is that sensitive,
common
sense should kick in and tell you its not a good idea. The mere
fact
that someone is coming to the list shows they already have doubts.
I
don't think any answer from the list will give them the warm
fuzzy
feeling that they are looking for. Also, when it comes to your
clients
are you really going to be telling your clients that the xen
mailing
list told you so? :)
I think the technical aspects such as
vulnerabilities or bugs
shouldn't even be a factor here, those will always be
possible.
On Fri, Jul 16, 2010 at 9:32 AM, Jonathan Tripathy
<jonnyt@xxxxxxxxxxx> wrote:
> As of now, is 3.4.3 free of known
exploits? I understand what you are saying
> about 3.0.3 and 3.2.x as they
have a couple of bad exploits...
>
> Cheers
>
________________________________
> From: Vern Burke [mailto:vburke@xxxxxxxx]
> Sent: Fri
16/07/2010 14:15
> To: Jonathan Tripathy
> Cc:
Xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: Re: [Xen-users] Xen
Security
>
> I'd keep it up to snuff, yes. I myself test ran each
XCP release
> candidate and the upgraded to the final 0.5.0 release within
24 hours of
> each becoming available.
>
> I really shudder to
see people recommending running old 3.0.3 and 3.2.x
> releases because
that's what happens to get thrown in with the
> particular Linux
distribution. I think it's bad news.
>
> Vern Burke
>
>
SwiftWater Telecom
> http://www.swiftwatertel.com
> Xen
Cloud Control System
> http://www.xencloudcontrol.com
>
>
On 7/16/2010 7:59 AM, Jonathan Tripathy wrote:
>> Thanks
Vern,
>> I can indeed keep my VMs up to date, however the customers
will be in
>> charge of their VMs so I can't upgrade theirs, however I
think this is a
>> moot point as they will have root access
anyway.
>> I should probably upgrade my Xen 3.4.2 to 3.4.3
then?
>> Thanks
>>
>>
------------------------------------------------------------------------
>>
*From:* Vern Burke [mailto:vburke@xxxxxxxx]
>> *Sent:*
Fri 16/07/2010 12:25
>> *To:* Jonathan Tripathy;
xen-users-bounces@xxxxxxxxxxxxxxxxxxx;
>>
Xen-users@xxxxxxxxxxxxxxxxxxx
>> *Subject:* Re: [Xen-users] Xen
Security
>>
>> I did NOT say that. Like much of the current
discussion about cloud
>> security, it comes down to degree of likely.
You are FAR more likely to
>> have a VM hacked directly as the result
of lousy system admin practices
>> than you are some remote theoretical
possibility of someone breaching
>> the
hypervisor.
>>
>> In my opinion, unless you're storing nuclear
launch codes, keep the
>> cloud/hypervisor up to date, keep the guest
OS up to date, and follow
>> system admin best practices and the
chances of being hacked are
>> vanishingly
small.
>>
>> Vern
>>
>> Vern Burke,
SwiftWater Telecom, http://www.swiftwatertel.com
>>
>>
-----Original Message-----
>> From: Jonathan Tripathy
<jonnyt@xxxxxxxxxxx>
>> Sender:
xen-users-bounces@xxxxxxxxxxxxxxxxxxx
>> Date: Fri, 16 Jul 2010
08:05:43
>> To: Vern Burke<vburke@xxxxxxxx>;
<Xen-users@xxxxxxxxxxxxxxxxxxx>
>> Subject: Re: [Xen-users] Xen
Security
>>
>> Hi Vern,
>>
>> So you think I
should just set up my networking properly and forget
>> about the rest?
Do you feel it ok to share the same Xen host with
>> internal VMs with
public VMs?
>>
>> Thanks
>>
>>
>>
On 16/07/10 02:10, Vern Burke wrote:
>> > I have no idea how
you could actually PROVE that there's no possible
>> > way
someone could break out of a dom U into the dom 0. As I've
written
>> > before, since Xen is out and about in such a
large way (being the
>> > underpinning of Amazon EC2) that if
there was a major risk of this,
>> > we'd have seen it happen
already.
>> >
>> > Vern
Burke
>> >
>> > SwiftWater
Telecom
>> > http://www.swiftwatertel.com
>>
> ISP/CLEC Engineering Services
>> > Data Center
Services
>> > Remote Backup Services
>>
>
>> > On 7/15/2010 7:07 PM, Jonathan Tripathy
wrote:
>> >>
>> >> On 15/07/10 23:49,
Jonathan Tripathy wrote:
>> >>> Hi
Everyone,
>> >>>
>> >>> My Xen
host currently run DomUs which contain some very sensitive
>>
>>> information, used by our company. I wish to use the same server
to
>> >>> host some VMs for some customers. If we assume
that networking is set
>> >>> up securely, are there any
other risks that I should worry about?
>>
>>>
>> >>> Is Xen secure regarding "breaking
out" of the VM?
>> >>>
>> >>>
Thanks
>> >>>
>> >>>
_______________________________________________
>> >>>
Xen-users mailing list
>> >>>
Xen-users@xxxxxxxxxxxxxxxxxxx
>> >>> http://lists.xensource.com/xen-users
>>
>>
>> >> I'm running Xen 3.4.2 on CentOS 5.5 Dom0 by
the way.
>> >>
>> >>
_______________________________________________
>> >>
Xen-users mailing list
>> >>
Xen-users@xxxxxxxxxxxxxxxxxxx
>> >> http://lists.xensource.com/xen-users
>>
>>
>>
>>
_______________________________________________
>> Xen-users mailing
list
>> Xen-users@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-users
>>
>>
>>
>>
_______________________________________________
>> Xen-users mailing
list
>> Xen-users@xxxxxxxxxxxxxxxxxxx
>> http://lists.xensource.com/xen-users
>
>
_______________________________________________
> Xen-users mailing
list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
>