On Wed, Jan 21, 2015 at 11:07 AM, Thomas Leonard <[email protected]> wrote:
> I've now got my file queue REST service working with TLS on
> Mirage/Xen, and I've put up my notes on the process here:
>
> http://roscidus.com/blog/blog/2015/01/21/securing-the-unikernel/
>
> Let me know if you spot any flaws in the scheme! It would be good to
> have some of our security guys check I'm doing sane things.
>

Very interesting post!

Regarding checking that your components aren't 'accidentally' accessing the raw block device: I'm sure you're right that linking the unikernel for Unix would smoke out any references to the raw Xen blkfront. It might get a bit harder in future when blkfront itself has been functorised and can be linked anywhere, but perhaps this is where a bit of dead code analysis comes in -- we already want to remove unused functions to shrink binary size but perhaps we could check that certain functions/modules/functors have been removed to prove a security property?

Cheers,
Dave

> I think it would be useful to provide some standard advice to people
> on providing secure services, once we've figured it out ourselves...
>
> --
> Dr Thomas Leonard        http://0install.net/
> GPG: 9242 9807 C985 3C07 44A6  8B9A AE07 8280 59A5 3CC1
> GPG: DA98 25AE CAD0 8975 7CDA  BD8E 0713 3F96 CA74 D8BA
>
> _______________________________________________
> MirageOS-devel mailing list
> [email protected]
> http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
>

--
Dave Scott
