Xen fixes guest privilege escape and plenty more

Xen admins, get busy: the open source hypervisor's issued fixes for bugs that range from data corruption and leakage up to privilege escalation. Let's start with CVE-2017-12137, which could let a paravirtualized (PV) guest escalate to host privilege. It's down to a mistake in memory allocation when a PV guest is launched. …

  1. handleoclast

    Fail Panda

    I have never trusted Xen since I saw that stupid fucking panda in all its poses. If they'd put half the effort into making the stuff work properly instead of drawing stupid fucking pandas maybe we wouldn't be seeing today's batch of patches.

    Yes, I'm absolutely serious about this. They've put more design effort into their branding and advertising than they have put into their product. Rather like Clive Sinclair used to.

    1. Anonymous Coward

      Re: Fail Panda

      On the other hand, they've also written a hypervisor and you haven't.

      1. handleoclast

        Re: Fail Panda

        @bobajob12

        You are correct. I don't have the skills to write a hypervisor. Or to draw a logo.

        However, I do have the skills to install Xen. And did so, several years ago. On a spare bit of kit I had, just to see what it could do. I was really impressed with the way the VM under Xen couldn't always find one of the network interfaces after a reboot. Sometimes it could, sometimes it couldn't. There were a few other problems with it, but that's the one that really stuck in my mind as being a major, no-fucking-way-is-that-acceptable issue.

        The next time I looked at Xen it had acquired that stupid panda. In many different poses. And so I lost all interest in it. Pretty branding is a sign of being more interested in marketing than engineering. I've seen a number of new projects in my time, and the ones that start out with pretty branding and shit code never seem to improve (the branding might get prettier but the code never gets better).

        It may seem a foolish benchmark, but it is one that has served me well. If you have a good product your branding can be fugly and people will still use it. If you have a shitty product then you need good branding to sucker people in.

    2. larsk

      Re: Fail Panda

      "If they'd put half the effort into making the stuff work properly instead of drawing stupid fucking pandas maybe we wouldn't be seeing today's batch of patches."

      As one of the few people who do some marketing for the project, I wanted to clarify that none of the developers have ever been involved in drawing pandas. In fact we never had a plan to do this: a community member stepped up and did the first version. After that, wives, friends and other people who like drawing and who have connections to the developers came up with the Panda in different poses. There was no real funding or marketing campaign behind this at all.

      In fact if you compare Xen with say KVM and Container projects, we hardly do any marketing. And the same is true for many vendors which use Xen: you can't say that for other virtualisation technologies (FOSS or Not).

    3. hack3rcon

      Re: Fail Panda

      Why, in your opinion, is it bad? Every product has its own vulnerabilities. Xen Project is not an exception. It is very good that they state their issues and do not shut them in like KVM.
