From mboxrd@z Thu Jan  1 00:00:00 1970
From: Rich Persaud <rich.p@xensource.com>
Subject: Re: severe security issue on	dom0/xend/xm/non-root	users
Date: Fri, 04 Mar 2005 14:47:57 -0500
Message-ID: <4228BB6D.8050209@xensource.com>
References: <Pine.LNX.4.58.0503041118010.13626@gradall.private.brainfood.com>	 <1109962904.2746.12.camel@localhost>	 <Pine.LNX.4.58.0503041334030.13626@gradall.private.brainfood.com> <1109966042.3351.15.camel@localhost>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
In-Reply-To: <1109966042.3351.15.camel@localhost>
Sender: xen-devel-admin@lists.sourceforge.net
Errors-To: xen-devel-admin@lists.sourceforge.net
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.sourceforge.net>
List-Help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
To: Anthony Liguori <aliguori@us.ibm.com>
Cc: Adam Heath <doogie@brainfood.com>, "xen-devel@lists.sourceforge.net" <xen-devel@lists.sourceforge.net>, Bastian Blank <waldi@debian.org>
List-Id: xen-devel@lists.xenproject.org

Anthony Liguori wrote:

>We debated this previously with respect to boot loaders.  At the end of
>the day, you just don't want any code running, no matter how restricted,
>in dom0 that you don't trust.
>  
>
While on this subject, has anyone tried running LIDS, grsecurity and/or 
SELinux in dom0?

Rich


-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click