The dom0 environment is not sufficiently hardened. The argument for not hardening dom0 is that dom0 is isolated. Expect VMs can make RPC calls to dom0 through qrexec? Could this not result in dom0 being compromised? ‘qrexec-daemon’, ‘grexec-agent’ and ‘qrexec-client’ are not written in memory safe programming languages either. Why not?
1 Like
I think this would make an excellent coursework or examination question for students of computer security.
2 Likes