[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 0/3] domUloader

Hi Adam,

On Tue, Jan 17, 2006 at 11:28:58AM -0600, Adam Heath wrote:
> On Tue, 17 Jan 2006, Kurt Garloff wrote:
> >    In a paranoid scenario, you would not load any data from the domU
> >    filesystem in any way :-) But I can see why you would choose
> >    pygrub over domUloader in a sensitive environment, where you
> >    can't trust the domU admins. Point taken.
> >    I still think that in many use scenarios, you would be perfectly
> >    fine with domUloader.
> Have a special kernel that is used just for this, then boot a temporary domU,
> using this special kernel, read the data you need from the filesystem, then
> shut it down.

Good solution but quite complex ...

I wonder whether it would be easier porting grub to xen.

For now something simple that just works and is secure enough for 90+% 
of the users does not look so bad to me.

Kurt Garloff, Head Architect, Director SUSE Labs (act.), Novell Inc.

Attachment: pgp_MrEW9BIDt.pgp
Description: PGP signature

Xen-devel mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.