On 10/24/07, Paul de Weerd <[EMAIL PROTECTED]> wrote: > This is the theory. In theory, there's no bugs in OpenBSD. In > practice, many of the commits to the tree are not new features/drivers > but actual bugfixes. Read the paper by Tavis Ormandy, referenced by > Theo. There is a real problem with virtualization. Until all bugs are
When you read Ormandy's paper, referenced by Damien Miller, in regards to Xen, you find: 1. Ormandy states that Xen's design is congruent with good security 2. Ormandy doesn't actually demonstrate a Dom0 -> DomU escalation, and in fact, didn't test any HVMs at all. 3. Qemu compromises != Xen HVM Qemu compromises Furthermore: 1. Upstream patches already exist [1] in response to Ormandy's bug report [2] > fixed, virtualization is worse than real hardware. And it'll be hard > to prove all the bugs are fixed. Unless you are using a purely functional language implemented directly on provably correct hardware, it's impossible to (mathematically) prove a program is free of bugs. Since you want to solve real-world problems, you make a tradeoff between features you want and issues you can live with. OpenBSD is very, very, very good at security. On the other hand, if you want to program a fast, parallelized quantum gravity model to run on a large cluster of OpenMosix nodes, it's not the right tool for the job. In the scientific cluster computing and enterprise spaces, it's already well demonstrated, by many, many practitioners in those fields [3], that virtualization is a very, very good tool. > Paul 'WEiRD' de Weerd [1] https://launchpad.net/ubuntu/+source/xen-3.1/ [2] http://secunia.com/advisories/26986/ [3] In addition to my own work, I can point to colleagues and organizations, for example, http://cse.ucdavis.edu and http://immunetolerance.org Adam -- "Invincibility is in oneself, vulnerability in the opponent." -- Sun Tzu
