[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)

Jacob Gorm Hansen wrote:

Anthony Liguori wrote:

If we trust Linux to enforce security, we do not need Xen at all ;-)

The current architecture of Xen requires that we trust whatever is running in Domain-0. The problems being cited wouldn't be a problem if you could create domains from unpriviledged Domains because you could have creator Domains who could be created from a trusted source and used as a buffer against attack.

No matter what, you're trusting some non-Xen piece of software to enforce security within Domain-0, unless the next step in Xen is to write a Domain-0 OS :-)


Anthony Liguori

This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.