14:50 <ansiwen> hi there, I have a question:

14:52 <ansiwen> what is the plan for dom0 security? it is my understanding, no matter how secure the unikernel is, as long as the dom0 is still running a standard OS you don't gain much on security because it has full access to the domUs and is therefore the weakest link in the chain. is this correct?

14:53 <ansiwen> if you can answer that or link me to a site explaining that, it would be great

15:06 <hannes> ansiwen: yes, dom0 is an attack vector... goal is to minimize what it needs to do... maybe a hypervisor with scheduler, some memory management, and a network device driver is enough? :)

15:33 <ansiwen> hannes: I thought all of these things Xen itself could provide. I thought dom0 is just necessary for VM management (create, kill,...)

15:33 <ansiwen> so, would be great if MirageOS also can build a dom0 unikenrel for these tasks...

16:06 <ansiwen> ok, I just looked it up. Xen requires the drivers to be in dom0 (or another VM if disaggregated).,,

16:07 <ansiwen> so, what is considered the safest dom0 at the moment, given you want to implement a high-security service with MirageOS?