Trusted_parts changed

Rafal Wojtczuk 2011-09-16 12:37:57 +00:00
parent fd05644b67
commit 6220ffa905


@ -23,9 +23,11 @@ Trusted non-Qubes-specific components
- Xen hypervisor
- xenstore
- network PV frontends (exposed to potentially compromised netvm) and backends
- VMs networking stack. Note that in order to take control over VM without its cooperation (e.g. enticing user to visit a malicious web page) the attacker would have to compromise two firewalls first. Also, dom0 has no network connectivity, thus it is not exposed.
- block backend implemented in dom0 kernel
- integrity of Fedora packages (meaning, they are not trojaned)
- rpm and yum (both in dom0 and in VMs) must correctly verify signatures of the packages
- terminal emulators and file editors used in dom0 to view VM-influenced logs (although somehow exotic, in the past there were vulnerabilities in terminal emulators allowing for arbitrary code execution by just displaying malicious content on the terminal).
At the current project stage, we cannot afford to spend time to improve them - all we can do is to limit the number and extent of these components.
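
Review bot: The parenthetical in the "VMs networking stack" item attaches to the wrong phrase: "without its cooperation (e.g. enticing user to visit a malicious web page)" reads as if luring the user were an example of a no-cooperation attack, when it is presumably the cooperation case being set aside. Suggest wording such as "without its cooperation (cooperation being, e.g., the user being enticed to visit a malicious web page)", and name the two firewalls the attacker would have to compromise so the claim can be checked against the architecture. In the terminal emulators item, "somehow exotic" should be "somewhat exotic". The closing sentence "At the current project stage, ..." follows the last list item with no blank line, so it can render as part of that item; separate it from the list.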