From mboxrd@z Thu Jan  1 00:00:00 1970
From: Brian Hays <brian.hays@gmail.com>
Subject: domU to dom0 security
Date: Thu, 24 Mar 2005 08:52:41 -0500
Message-ID: <e4ca66ec0503240552293a8237@mail.gmail.com>
Reply-To: Brian Hays <brian.hays@gmail.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Sender: xen-devel-admin@lists.sourceforge.net
Errors-To: xen-devel-admin@lists.sourceforge.net
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.sourceforge.net>
List-Help: <mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
To: xen-devel@lists.sourceforge.net
List-Id: xen-devel@lists.xenproject.org

Hello,

I am considering using XEN to host "virtual dedicated servers" for a
few of my clients. Are there any security issues that would allow domU
(guestOS) admins access to dom0 or global xend commands by default? If
so, is there anything I can do to lock it down so that only dom0 users
(root) would have access to dom0 and the xend commands?

Thanks,
Brian


-------------------------------------------------------
This SF.net email is sponsored by Microsoft Mobile & Embedded DevCon 2005
Attend MEDC 2005 May 9-12 in Vegas. Learn more about the latest Windows
Embedded(r) & Windows Mobile(tm) platforms, applications & content.  Register
by 3/29 & save $300 http://ads.osdn.com/?ad_id=6883&alloc_id=15149&op=click