|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)
> The current architecture of Xen requires that we trust whatever is > running in Domain-0. The problems being cited wouldn't be a > problem if > you could create domains from unpriviledged Domains because you could > have creator Domains who could be created from a trusted > source and used > as a buffer against attack. It's always been part of the plan to be able to delegate dom0 functions to enable one domain to be given control over another e.g. to create it, map its pages, stop/start, debug etc. It just hasn't been a priority to implement this, but it's the direction we're heading with some of the security work. Of course, we'll have to rename dom0_op to something else :-) Ian ------------------------------------------------------- This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting Tool for open source databases. Create drag-&-drop reports. Save time by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc. Download a FREE copy at http://www.intelliview.com/go/osdn_nl _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |