At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:
* L. V. Lammert <[EMAIL PROTECTED]> [2007-10-24 16:46]:
> Virtualization provides near absolute security - DOM0 is not visible to
> the user at all, only passing network traffic and handling kernel calls.
> The security comes about in that each DOMU is totally isolated from the
> the others, while the core DOM0 is isolated from any attacks.
dream on.
that is what marketing wants to tell you.
in fact the isolation is incredibly poor.
Sorry, the kernel hacking world is pretty far removed from 'enterprise
reality' <not that it's a bad thing - I often wish it were that simple>!!
In reality, there are tons of SMEs out there using MS Crap and other risky
software! The few security risks you cite for XEN are negligable by comparison.
Anything we can do to increase security, *including* setting up VMs (of any
flavor) is an improvement [that also increased hardware utilization].
Lee
