xen-users

RE: [Xen-users] Re: Exploiting XEN

Subject:	RE: [Xen-users] Re: Exploiting XEN
From:	"Kraska, Joe A \(US SSA\)" <joe.kraska@xxxxxxxxxxxxxx>
Date:	Thu, 15 Mar 2007 12:42:50 -0700
Cc:	Xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date:	Thu, 15 Mar 2007 12:41:56 -0700
Envelope-to:	www-data@xxxxxxxxxxxxxxxxxx
List-help:	<mailto:xen-users-request@lists.xensource.com?subject=help>
List-id:	Xen user discussion <xen-users.lists.xensource.com>
List-post:	<mailto:xen-users@lists.xensource.com>
List-subscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe:	<http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References:	<20070313154326.GB24377@xxxxxxxxxx><907625E08839C4409CE5768403633E0B018E1A6D@xxxxxxxxxxxxxxxxx> <45F990E9.4020303@xxxxxxxxxx>
Sender:	xen-users-bounces@xxxxxxxxxxxxxxxxxxx
Thread-index:	AcdnMD5rqF49dHt7SSOGsC+f2oh+agACaz4Q
Thread-topic:	[Xen-users] Re: Exploiting XEN

> > I guess that's a fair comment too. Dom0 is a large part of a Xen
> > environment, and if Dom0 is compromised, then Xen can't really do
that
> > much to prevent the system from being crashed, subverted or other
> > malicious acts. But I believe Xen itself is "safe" from Dom0 being
> > compromised
> 
> It's not.  Dom0 (or any IO domain) has direct access to DMA
controllers.
>   It can use DMA to overwrite the hypervisor's memory with arbitrary
data.

I believe he was saying that dom0 was "safe" from an attempt to
compromise
originating out of a domU. No domU can be safe from dom0. That should be
understood.

Joe.



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-users] Exploiting XEN, Artur Baruchi RE: [Xen-users] Exploiting XEN, Petersson, Mats Re: [Xen-users] Exploiting XEN, Daniel P. Berrange RE: [Xen-users] Exploiting XEN, Petersson, Mats Re: [Xen-users] Exploiting XEN, Mark Williamson [Xen-users] Re: Exploiting XEN, Anthony Liguori RE: [Xen-users] Re: Exploiting XEN, Kraska, Joe A \(US SSA\) <= RE: [Xen-users] Re: Exploiting XEN, Tim Post RE: [Xen-users] Re: Exploiting XEN, Kraska, Joe A \(US SSA\) RE: [Xen-users] Re: Exploiting XEN, Tim Post [Xen-users] Re: Re: Exploiting XEN, Michelle Konzack RE: [Xen-users] Re: Re: Exploiting XEN, Petersson, Mats RE: [Xen-users] Re: Re: Exploiting XEN, Kraska, Joe A \(US SSA\) RE: [Xen-users] Re: Re: Exploiting XEN, Kraska, Joe A \(US SSA\) Re: [Xen-users] Exploiting XEN, Tim Post

Previous by Date:	Re: [Xen-users] xen hotplug scripts not working, Tim Post
Next by Date:	[Xen-users] Bridge networking needs proxy ARP?, Russell Robinson
Previous by Thread:	[Xen-users] Re: Exploiting XEN, Anthony Liguori
Next by Thread:	RE: [Xen-users] Re: Exploiting XEN, Tim Post
Indexes:	[Date] [Thread] [Top] [All Lists]

xen.org, Legal and Privacy

This site is hosted by XenSource, a Citrix company