On Wed, Nov 15, 2006 at 01:03:34PM -0600, Anthony Liguori wrote: > > >The scenario here is a compromised guest attempting to harm a host such > >as Xen. > > The only "harm" done to a host is that the process will take as much CPU > as it can get. This is really only a problem in Xen because the device > model is in Domain-0. Once the device model is in a different domain, > it doesn't matter anymore as the normal scheduler parameters can be used > to ensure that no other hosts are harmed.
Actually it'll still be a problem in a driver domain unless it (and the hardware) is dedicated to a single guest. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt _______________________________________________ Qemu-devel mailing list Qemu-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/qemu-devel