thr3ads.net - Xen devel - RE: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0) [Feb 2005]

If this information is useful, please help other people find it:
Share via:

Ian Pratt

2005-Feb-04 09:44 UTC

RE: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)

> The current architecture of Xen requires that we trust whatever is 
> running in Domain-0.  The problems being cited wouldn''t be a 
> problem if 
> you could create domains from unpriviledged Domains because you could 
> have creator Domains who could be created from a trusted 
> source and used 
> as a buffer against attack.
It''s always been part of the plan to be able to delegate dom0 functions
to enable one domain to be given control over another e.g. to create it,
map its pages, stop/start, debug etc.

It just hasn''t been a priority to implement this, but it''s the
direction
we''re heading with some of the security work.

Of course, we''ll have to rename dom0_op to something else :-)

Ian


-------------------------------------------------------
This SF.Net email is sponsored by: IntelliVIEW -- Interactive Reporting
Tool for open source databases. Create drag-&-drop reports. Save time
by over 75%! Publish reports on the web. Export to DOC, XLS, RTF, etc.
Download a FREE copy at http://www.intelliview.com/go/osdn_nl
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xen-devel

Xen devel - Feb 2005 - RE: Building domains as a lesser user (was Re: boot loaders for domain != 0)

RE: Building domains as a lesser user (was Re: [Xen-devel] boot loaders for domain != 0)