WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
 
   
 

xen-users

RE: [Xen-users] Security of Xen host and guests?

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xen-users] Security of Xen host and guests?
From: Steve Brueckner <steve@xxxxxxxxxxxxxx>
Date: Tue, 24 Apr 2007 12:22:14 -0400
Petersson, Mats wrote:
>> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of Frank
>> 
>> How secure are Xen guests and hosts if a guest is compromised?
>> 
>> Does the compromise of a guest serve as a gateway to compromise both
>> hosts and other guests?
> 
> Each guest is protected from getting to any other guest and it's not
> possible, for example, for a guest to access another guest's memory or
> disk-storage [a guest can ALLOW another guest to access its memory,
> that's how drivers work, but the guest owning the memory must perform
> a "grant" operation].
> 

I realize that this is the security policy for Xen, but can we really 
be sure that the hypervisor implementation is provably secure?  I doubt 
that NSA would consider it so.  Just because we haven't seen someone 
"break out" of a guest doesn't mean it's impossible.  That's why there 
is still research going on into secure hypervisors (e.g., shype).

I know this is a little paranoid, but nevertheless.  It posits 
something like a very clever, low-level timing attack on a fundamental 
implementation or design flaw.  Remember the blind spots inherent in 
breaking one's own security.  

However, for general purpose, commercial use, I'm willing to believe 
that Xen is pretty darn secure.
