WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] Xen Security

To: Jonathan Tripathy <jonnyt@xxxxxxxxxxx>, "xen-users@xxxxxxxxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Xen-users] Xen Security
From: Vern Burke <vburke@xxxxxxxx>
Date: Thu, 15 Jul 2010 21:10:51 -0400
Cc:
Delivery-date: Thu, 15 Jul 2010 18:12:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
In-reply-to: <4C3F94C3.5050207@xxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4C3F905E.9030100@xxxxxxxxxxx> <4C3F94C3.5050207@xxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.10) Gecko/20100512 Thunderbird/3.0.5
I have no idea how you could actually PROVE that there's no possible way someone could break out of a dom U into the dom 0. As I've written before, since Xen is out and about in such a large way (being the underpinning of Amazon EC2) that if there was a major risk of this, we'd have seen it happen already.

Vern Burke

SwiftWater Telecom
http://www.swiftwatertel.com
ISP/CLEC Engineering Services
Data Center Services
Remote Backup Services

On 7/15/2010 7:07 PM, Jonathan Tripathy wrote:

On 15/07/10 23:49, Jonathan Tripathy wrote:
Hi Everyone,

My Xen host currently run DomUs which contain some very sensitive
information, used by our company. I wish to use the same server to
host some VMs for some customers. If we assume that networking is set
up securely, are there any other risks that I should worry about?

Is Xen secure regarding "breaking out" of the VM?

Thanks

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

I'm running Xen 3.4.2 on CentOS 5.5 Dom0 by the way.

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>