This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/


Re: [Xen-devel] domU to dom0 security

To: xen-devel@xxxxxxxxxxxxxxxxxxxxx, Brian Hays <brian.hays@xxxxxxxxx>
Subject: Re: [Xen-devel] domU to dom0 security
From: Mark Williamson <maw48@xxxxxxxxxxxx>
Date: Thu, 24 Mar 2005 19:44:13 +0000
> I am considering using XEN to host "virtual dedicated servers" for a
> few of my clients. Are there any security issues that would allow domU
> (guestOS) admins access to dom0

No, the aim is for domUs to have no more power to abuse dom0 than a separate
physical machine would (i.e. they'd have to use some sort of network based 
attack, just like another machine would).

> or global xend commands by default?

I think the current default is to accept Xend commands anywhere (!).  You can 
restrict this to only allow commands from localhost (i.e. from users local to 
dom0).  This is a bit better, as long as you trust your dom0 users.

You'll probably want to use some firewall rules in dom0 to isolate the Xend 
and Xfrd services appropriately.


> If  
> so, is there anything I can do to lock it down so that only dom0 users
> (root) would have access to dom0 and the xend commands?
> Thanks,
> Brian
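
A configuration check for the localhost restriction described in the reply, as an added example that is not part of the original email or Xen's own code. It assumes the Xen 2.x-style `xend-config.sxp` option names `xend-address` and `xend-port`, which the email does not name, and it runs on constructed sample configs.

```python
import re

# Constructed sample configs in the style of a Xen 2.x xend-config.sxp.
# The option names (xend-address, xend-port) are assumptions taken from
# that era's config file; the email itself does not name them.
OPEN_CONFIG = """\
# xend listens on every interface
(xend-port     8000)
(xend-address  '')
"""
LOCAL_CONFIG = """\
(xend-port     8000)
(xend-address  'localhost')   # only dom0-local users can reach xend
"""

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
ENTRY = re.compile(r"^\(\s*([\w-]+)\s+(.*?)\s*\)$")

def parse_sxp(text):
    """Return {option: value} for one-line (key value) entries."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        m = ENTRY.match(line)
        if m:
            opts[m.group(1)] = m.group(2).strip("'\"")
    return opts

def audit_xend(text):
    """Return a list of findings; an empty list means xend is loopback-only."""
    opts = parse_sxp(text)
    findings = []
    # A missing entry is treated as "listen everywhere", the default
    # behaviour the reply describes.
    addr = opts.get("xend-address", "")
    if addr not in LOOPBACK:
        where = addr or "all interfaces"
        port = opts.get("xend-port", "unknown")
        findings.append(
            f"xend control interface reachable on {where} (port {port}); "
            "bind it to localhost and firewall the port in dom0")
    return findings

if __name__ == "__main__":
    for name, cfg in (("open", OPEN_CONFIG), ("local", LOCAL_CONFIG)):
        print(name, audit_xend(cfg) or "OK: loopback only")
```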
