On 08/25/2017 12:41 PM, Martin Kletzander wrote: > On Fri, Aug 25, 2017 at 10:29:03AM +0000, Zhangbo (Oscar) wrote: >>> >>> Host can read all of the guest's memory or mount the image and modify >>> the guest agent. Or even add their own communication program that can >>> do anything. >>> >> >> I get your point now! :) Thanks a lot!! >> >> Further more, kvm seems not as secure as xen, because xen isolates >> dom0 and domU well, >> The administrator on dom0 couldn't access many things belonged to domUs. >> How to solve such problem in kvm? Any scheme? > > I don't know xen much, but maybe AMD SEV or everything-signed-by TPM > would help... I'm no HW guy, but SEV looks like protection against physical attacks, i.e. a guy working for some government agency walking around your server room with a load of liquid gas. At first Intel's SGX [1] looked promising, but apparently it's flawed. So currently I don't think there's anything we can do. Except not give out root access to everyone. Michal 1: https://en.wikipedia.org/wiki/Software_Guard_Extensions -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
