From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1Milwe-0000Wz-R9
	for qemu-devel@nongnu.org; Wed, 02 Sep 2009 05:16:01 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1MilwZ-0000Ra-Ou
	for qemu-devel@nongnu.org; Wed, 02 Sep 2009 05:16:00 -0400
Received: from [199.232.76.173] (port=33042 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1MilwZ-0000RJ-Hc
	for qemu-devel@nongnu.org; Wed, 02 Sep 2009 05:15:55 -0400
Received: from smtp2-g21.free.fr ([212.27.42.2]:32911)
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <revol@free.fr>) id 1MilwY-0003tE-TU
	for qemu-devel@nongnu.org; Wed, 02 Sep 2009 05:15:55 -0400
Received: from smtp2-g21.free.fr (localhost [127.0.0.1])
	by smtp2-g21.free.fr (Postfix) with ESMTP id 3EA8A4B01DD
	for <qemu-devel@nongnu.org>; Wed,  2 Sep 2009 11:15:50 +0200 (CEST)
Received: from laptop (vaf26-2-82-244-111-82.fbx.proxad.net [82.244.111.82])
	by smtp2-g21.free.fr (Postfix) with ESMTP id 3C0914B01B5
	for <qemu-devel@nongnu.org>; Wed,  2 Sep 2009 11:15:48 +0200 (CEST)
In-Reply-To: <4A9E178D.90804@redhat.com>
Subject: Re: [Qemu-devel] Re: QEMU as a "virtual smart card"?
From: "=?utf-8?q?Fran=C3=A7ois?= Revol" <revol@free.fr>
Date: Wed, 02 Sep 2009 11:17:14 +0200 CEST
Message-Id: <1603265261-BeMail@laptop>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

> > At least looking naively at QEMU, it seems that its CPU and RAM are
> > well protected from the host operating system--in a way to say make 
> > it
> > practically impossible for some malware to extract the secret key 
> > used
> > in a virtual machine.
> 
> I don't understand: the host operating system, by definition, can see 
> everything.  A privileged process (i.e. running as root) can always 
> look 
> at /dev/mem and read info about QEMU's CPU and RAM.

Or attach gdb and step the whole thing or put breakpoints on 
ReadPassword() :)

Fran=C3=A7ois.