WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Exploiting XEN

To: "Artur Baruchi" <mail.baruchi@xxxxxxxxx>, Xen-users@xxxxxxxxxxxxxxxxxxx
Subject: RE: [Xen-users] Exploiting XEN
From: "Petersson, Mats" <Mats.Petersson@xxxxxxx>
Date: Tue, 13 Mar 2007 16:30:53 +0100
Delivery-date: Tue, 13 Mar 2007 08:30:49 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <e3977d9c0703130742w2539f854rbe6f4c5dcc3aa5d8@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index: AcdlffX9VKV93w7FQBW2/VsG8+sQUwABT0oA
Thread-topic: [Xen-users] Exploiting XEN
> -----Original Message-----
> From: xen-users-bounces@xxxxxxxxxxxxxxxxxxx 
> [mailto:xen-users-bounces@xxxxxxxxxxxxxxxxxxx] On Behalf Of 
> Artur Baruchi
> Sent: 13 March 2007 14:43
> To: Xen-users@xxxxxxxxxxxxxxxxxxx
> Subject: [Xen-users] Exploiting XEN
> 
> Hi guys,
> 
> Im making somes researchs about security in Virtual Machines, and does
> anybody knows, if exists a exploit or a rootkit for Xen? I would like
> to test it (if exist).

Please take this the right way... If we assume one does exist, would you
send it to me, if I asked you? [particularly if my e-mail address was of
an "anonymous" origin like gmail?] - how do I know that the purpose you
are asking for is the purpose you are REALLY asking for, rather than for
example that you know someone's machine is Xen-based and you want to
break into it. This is a non-moderated mailing-list, anyone with an
e-mail account anywhere in the world (more or less) can sign up. 

I personally am not aware of any "rootkit" that relates to Xen. 

The Xen hypervisor is fairly small, and thus relatively easy to
understand and control against vulnerabilities. Since it's living
"outside" the host-OS that it controls, it's potentially less vulnerable
than those hypervisors that live within the host-OS. 

--
Mats
> 
> Thanks,
> 
> Artur Baruchi
> 
> _______________________________________________
> Xen-users mailing list
> Xen-users@xxxxxxxxxxxxxxxxxxx
> http://lists.xensource.com/xen-users
> 
> 
> 



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>