 Home |
Products |
Support |
Community |
News |
xen-users
[Xen-users] malicious paravirtualized guests: security and isolation
| To: | xen-users@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-users] malicious paravirtualized guests: security and isolation |
| From: | "Vasiliy Baranov" <vasiliy.baranov@xxxxxxxxx> |
| Date: | Thu, 6 Nov 2008 16:15:24 +0300 |
| Delivery-date: | Thu, 06 Nov 2008 05:16:06 -0800 |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:mime-version:content-type; bh=z9fWXzUd3Rrxvl2fuy2+stljM7ZgOS7ZtJUD5lcdG1M=; b=PTCxRXfsHw9+BvOLLMtZ7qMIgttQuPvr6mcOm2MzOe5s104n8c5RSL4dJVxUeboQgf AFlwZeoJjaDwh0gsTPh8pIWgmPwP2/SDDVlxHxSSBinTUF0c1bfQUXOePBuER5k/D39U OangBbMWR088HlToGRkW8xnFAK91iemxf6pvY= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:mime-version:content-type; b=PUkEppXodO4DWy1OF2Eia8e1ayQpztxvaU69yPUwstPOLS1BdhaXae0PXnbAATzENO qyx7yICS3RcmRFCvRXNdaXFGOAVDME913K18g/SLzHkKw7f0oZn20kBj2Y9KhFX+xMC6 /c1QAEjiIzQYhymTUM0qzNmX/ucZ3Vu/hKj48= |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-users-request@lists.xensource.com?subject=help> |
| List-id: | Xen user discussion <xen-users.lists.xensource.com> |
| List-post: | <mailto:xen-users@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe> |
| Sender: | xen-users-bounces@xxxxxxxxxxxxxxxxxxx |
|
Hi, I have a question about isolation and security guarantees Xen provides, if any, in cases when domU guests are not completely trusted, that is, can be malicious. Right now I am specifically interested in the scenario where all guests are paravirtualized, but HVM case is of some interest too. Say, I want to let my users run their own guests on a Xen host that I own. Users will bring their own disk images. I don't completely trust my users. Does the use of Xen guarantees that malicious guests will be unable to harm other guests or the entire host in any way (for example, kill the entire host)? It is interesting to know both what is guaranteed in theory (that is, if Xen and dom0 work as designed) and how things go in practice. If I disallow users to use their kernels, that is, if I run guests with my own kernel(s) only, will that improve the situation? How about loadable kernel modules? If I allow Linux guests to load their custom kernel modules, will that nullify the effect of using trusted kernels? I currently use Xen 3.1.4, if that matters. Thank you very much in advance, Vasiliy _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | AW: Released from eSafe SPAM quarantine: Re: [Xen-users] Network-problems with multiple(16) virtual machines, Rustedt, Florian |
|---|---|
| Next by Date: | Re: [Xen-users] Tutorial for Windows guest on Xen, Paras pradhan |
| Previous by Thread: | [Xen-users] Xen Networking advice - how to configure for DHCP to guests, Dealy, Brian |
| Next by Thread: | [Xen-users] Re: malicious paravirtualized guests: security and isolation, Vasiliy Baranov |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
