At 05:56 PM 10/24/2007 -0700, you wrote:
L. V. Lammert <[EMAIL PROTECTED]> wrote:
>>security issues and protections do not add up like numbers.
>
> Sure they do. If I'm running Windoze as a guest OS, there are hundreds or
> thousands of possible vulnerabilities. If I'm runng OBSD as a guest OS,
> guess what (I hope you don't have to??) - few to none. There is no way to
> 'compound threat [interaction]', but that doesn't detract from the basic
> truth - the lower the risk/number of vulnerabilities of the OS, the better
> off you are. As a corollary, you might also say that there is no way to
> improve the security of a server without improving the security of the OS.
This has *nothing* to do with VM security.
Exactly! As my OP had nothing to do with VM security! That was a tangent
posted by others to distract from the main topic.
The issue with VM security is that:
1. if any guest is compromised you all guests and the host are in danger.
2. if any user or admininstrator of a guest is malicious, all guests and
the host is in danger.
Again, very true!
>> > No matter how you twist the logic, however, a VM provides a good
level of
>> > application domain security, from the standpoint that each set of domain
>> > users and applications can only see the services provided within that
>> > domain guest OS.
>>
>>The phrase "application domain security" is a cover-up statement that
>>means "I have already decided to run the multiple things on one box
>>because I am cheap, and I need to invent reasons why I can continue
>>doing so".
>
> Huh?? Do you know what an application domain is? Guess not - here's a
> definition:
>
> Application + Users + Access Method = Application Domain
>
> Examples: File/Print, httpd, DB, . . .
>
> The more discrete the security model (i.e. File/Print users are not valid
> on the httpd server) the better.
What you try to describe in a somewhat clumsy and round about way
corresponds to moving different "applications" to their
respective/isolated machines.
This is actually a good thing to do for security.
Thank you, sir! Finally, somebody admits understanding the original
question, I think. In the interest of less bandwidth, let's not continue
the discussion about VM architecture and/or separate machines? I think we
can all agree on those points, and the discussion on VM security, while
tangential, is certainly food for thought.
Lee
