WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: [Xen-users] Re: Exploiting XEN

from [Tim Post] [Permanent Link][Original]
To: "Kraska, Joe A (US SSA)" <joe.kraska@xxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Re: Exploiting XEN
From: Tim Post <tim.post@xxxxxxxxxxxxxxx>
Date: Fri, 16 Mar 2007 06:50:22 +0800
Cc: Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 15 Mar 2007 15:49:33 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <09D59AEF0405D740BDCA2FAC0E0EA97601B3D3C5@xxxxxxxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: Net Kinetics
References: <20070313154326.GB24377@xxxxxxxxxx> <907625E08839C4409CE5768403633E0B018E1A6D@xxxxxxxxxxxxxxxxx> <45F990E9.4020303@xxxxxxxxxx> <09D59AEF0405D740BDCA2FAC0E0EA97601B3D3B0@xxxxxxxxxxxxxxxxxxx> <1173990933.6540.191.camel@xxxxxxxxxxxxxxxxxxxxx> <09D59AEF0405D740BDCA2FAC0E0EA97601B3D3C5@xxxxxxxxxxxxxxxxxxx>
Reply-to: tim.post@xxxxxxxxxxxxxxx
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
On Thu, 2007-03-15 at 15:37 -0700, Kraska, Joe A (US SSA) wrote:
> > A more interesting question is what about underprivileged attempts on
> > dom-0 itself, i.e. non-root users?
> 
> *shrug*
> 
> I assume that local access implies probable total access. Facet count
> exposures and all that. For myself, I would never let an untrusted user
> onto dom0. EVER. Same with my ESX installations.

Not without *serious* consideration and planning. Being able to offer
parts of xen safely to system users would be really cool, and is
possible to do if a great many what-if's are addressed.

There would obviously need to be a much higher level of trust in those
users and their practices than in users operating as root on guests.

For installations on private research grids or clusters where disposable
infrastructure works, it remains a keen idea and goal. I'd really love
to make Xen more just like a part of Linux up to the privileged level,
just to a degree. Opens up interesting doors.

Anyway, Going off topic now :)

Best,
--Tim


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re[2]: [Xen-users] Networking doesn't work, Russell Robinson
Next by Date:  Re: [Xen-users] Networking doesn't work, jez
Previous by Thread:  RE: [Xen-users] Re: Exploiting XEN, Kraska, Joe A \(US SSA\)
Next by Thread:  [Xen-users] Re: Re: Exploiting XEN, Michelle Konzack
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy