Comments on: Red Hat-based Linux under Xen, from Debian Etch http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/ I'll get there one day. Fri, 09 Jan 2009 23:29:02 +0000 http://wordpress.org/?v=2.7-beta3 hourly 1 By: darkfader http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-55621 darkfader Fri, 23 May 2008 16:16:10 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-55621 there you go, fixed in xensource upstream but not sure if it made it in http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068 there you go, fixed in xensource upstream but not sure if it made it in http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068

]]> By: darkfader http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-55619 darkfader Fri, 23 May 2008 16:13:14 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-55619 of course I hadnt come here just to bash debian...?! I just ran into this site while try to make pygrub work like everyone else; just at some point I got real angry about how many peoples time is spent on this; the libs are missing in the package and it should -obviously- just be fixed. that aside, I think only rPath has actually bothered to fix the pygrub exploit, at least I didnt find much further references. There's a long way to go for pygrub anyway, it'll be interesting to see if the other grub features like tftp support or trusted grub extensions will go in at some point. About the exploits nature, let's just say pygrub was very eager to execute domu:/boot/grub/menu.lst, so instructions could be crafted to run in dom0, without using overflows or such. for shared hosting scenarios this is an obvious nightmare :) of course I hadnt come here just to bash debian…?! I just ran into this site while try to make pygrub work like everyone else; just at some point I got real angry about how many peoples time is spent on this; the libs are missing in the package and it should -obviously- just be fixed.

that aside, I think only rPath has actually bothered to fix the pygrub exploit, at least I didnt find much further references. There’s a long way to go for pygrub anyway, it’ll be interesting to see if the other grub features like tftp support or trusted grub extensions will go in at some point.

About the exploits nature, let’s just say pygrub was very eager to execute domu:/boot/grub/menu.lst, so instructions could be crafted to run in dom0, without using overflows or such.

for shared hosting scenarios this is an obvious nightmare :)

]]> By: Andy http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-48310 Andy Sat, 29 Mar 2008 02:42:39 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-48310 Hi, The broken pygrub is not a security bug so not going to be fixed at least until the next stable release I suppose. Do you have the details of the pygrub exploit? I thought I saw it fixed, which is what I wouls expect as a security issue. If you're just here to bash Debian then I'm not really interested however. Hi,

The broken pygrub is not a security bug so not going to be fixed at least until the next stable release I suppose.

Do you have the details of the pygrub exploit? I thought I saw it fixed, which is what I wouls expect as a security issue.

If you’re just here to bash Debian then I’m not really interested however.

]]> By: darkfader http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-48309 darkfader Sat, 29 Mar 2008 02:27:06 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-48309 I really love how i just need to waste an hour googling and messing around in the pygrub source and just download the xen sources on top of it just because noone debian bothers to TEST or FIX this issue since 2006. wouldnt be as funny if there werent this exec exploit in pygrub which debian now at least can claim to be absolutely prone against. You can't hack whats broken... I really love how i just need to waste an hour googling and messing around in the pygrub source and just download the xen sources on top of it just because noone debian bothers to TEST or FIX this issue since 2006.
wouldnt be as funny if there werent this exec exploit in pygrub which debian now at least can claim to be absolutely prone against.
You can’t hack whats broken…

]]> By: kju http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-43573 kju Thu, 14 Feb 2008 23:45:34 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-43573 Just for the record: The disk corruption problem does not occur when using RAID1 (at least not with Xen 3.1/3.2, kernel 2.6.22 [xen patch from ubuntu] in dom0 and 2.6.18 [xen patch form debian/fedora] in domU. I can't remember if i tried xvda with Xen 3.0.x and 2.6.18 in dom0, though. Just for the record: The disk corruption problem does not occur when using RAID1 (at least not with Xen 3.1/3.2, kernel 2.6.22 [xen patch from ubuntu] in dom0 and 2.6.18 [xen patch form debian/fedora] in domU. I can’t remember if i tried xvda with Xen 3.0.x and 2.6.18 in dom0, though.

]]> By: Jason http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-40810 Jason Sat, 26 Jan 2008 21:20:01 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-40810 Thanks for this post. Pulling my hair out w/ pygrub, trying to build a centos domU on my debian dom0. I'm also using LV's for domU's, and wasn't about to switch to images. Downloading the xen source and building the ext2 pieces worked like a champ. Thanks for this post. Pulling my hair out w/ pygrub, trying to build a centos domU on my debian dom0. I’m also using LV’s for domU’s, and wasn’t about to switch to images. Downloading the xen source and building the ext2 pieces worked like a champ.

]]> By: Andy http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-40001 Andy Sun, 20 Jan 2008 09:17:13 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-40001 Thanks Ask. I opened one with Debian also: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461644 Cheers, Andy Thanks Ask. I opened one with Debian also:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=461644

Cheers,
Andy

]]> By: Ask Bjørn Hansen http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/comment-page-1/#comment-39998 Ask Bjørn Hansen Sun, 20 Jan 2008 08:57:24 +0000 http://strugglers.net/~andy/blog/2008/01/20/red-hat-based-linux-under-xen-from-debian-etch/#comment-39998 There's an open bug in the RedHat bugtracker regarding the issue: https://bugzilla.redhat.com/show_bug.cgi?id=223947 - ask There’s an open bug in the RedHat bugtracker regarding the issue:

https://bugzilla.redhat.com/show_bug.cgi?id=223947

- ask

]]>