WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Xen Security



 

On Fri, Jul 16, 2010 at 5:27 PM, Jonathan Tripathy <jonnyt@xxxxxxxxxxx> wrote:
> Do people on this list generally trust Xen with their private data, mixed
> with public VMs? The folks over at Slicehost, Amazon etc.. seem to...

"mixed" as in having an "intranet only" VM and a "public facing" VM in
the same dom0 box? Yes.

Anyway, like Bart mentioned, "seclusion is created by software. In
theory it is the same thing as physical seclusion, until the software
fails or is compromised." IMHO the risk is no bigger than (say) having
a L2 switch separate public and private network with vlans. There are
some risk involved, and you have to decide whether you can accept it
or not.

--
Fajar

--------------------------------------------------------------------------------------------------------------
 
I think this sums it up pretty well! We could even go as far as saying that the firewall which seperates our DMZ/LAN could have unknown flaws. Anyway, I'm sure if something show-stopping comes up, I'm guessing this list will be the first to hear about it!
 
Bart, good point on the liability issue.
 
Does Xen 4.0 have any security fixes compared to 3.4.2? Or is 4.0 more about features (which could potentially create more holes)?
 
Cheers
 
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>