WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Xen Security

To: "Simon Hobson" <linux@xxxxxxxxxxxxxxxx>, <Xen-users@xxxxxxxxxxxxxxxxxxx>
Subject: RE: [Xen-users] Xen Security
From: "Jonathan Tripathy" <jonnyt@xxxxxxxxxxx>
Date: Fri, 16 Jul 2010 19:18:26 +0100
Cc:
Delivery-date: Fri, 16 Jul 2010 11:22:16 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4C3F905E.9030100@xxxxxxxxxxx><20100716060713.GB19848@xxxxxxxxxxxxxxxxx><4C4004FD.8010202@xxxxxxxxxxx> <p0624081dc865c344cbea@xxxxxxxxxxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: Acskv1QjW/OFNOYoQXKc8GZC3p8IdgAU/R/s
Thread-topic: [Xen-users] Xen Security

>One is simply to subvert the communications between the guest and the
>host - things like buffer overflows, code injection, etc

Hi Simon,

You say "simply", however isn't it actually quite difficult to do the things you mentioned? Reading on the CVE lists, there doesn't seem to be any current known possible exploits?

Again, I'm just trying to guage how secure Xen is, and how much the experts (you guys) trust it.

Thanks

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
<Prev in Thread] Current Thread [Next in Thread>