On Wed, Oct 24, 2007 at 08:31:26AM -0500, L. V. Lammert wrote:
| On Wed, 24 Oct 2007, Henning Brauer wrote:
|
| > * [EMAIL PROTECTED] <[EMAIL PROTECTED]> [2007-10-24 03:03]:
| > > Virtualization seems to have a lot of security benefits
| >
| > seems?
| > to whom?
| >
| Virtualization provides near absolute security - DOM0 is not visible to
| the user at all, only passing network traffic and handling kernel calls.
| The security comes about in that each DOMU is totally isolated from the
| the others, while the core DOM0 is isolated from any attacks.
This is the theory. In theory, there's no bugs in OpenBSD. In
practice, many of the commits to the tree are not new features/drivers
but actual bugfixes. Read the paper by Tavis Ormandy, referenced by
Theo. There is a real problem with virtualization. Until all bugs are
fixed, virtualization is worse than real hardware. And it'll be hard
to prove all the bugs are fixed.
Cheers,
Paul 'WEiRD' de Weerd
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
