At 02:28 PM 10/25/2007 -0400, Jason Dixon wrote:
Sure you do. You claim that the following statement is wrong, but you
don't offer any explanation. That's crap.
"There is *nothing* in any virtualization software that makes having it
*more secure* than not having it at all."
Quit dodging like a troll. Explain yourself.
If you read the other posts, the security I was originally describing was
at the 'application domain' level. Notwithstanding issues with VM security
itself, using VMs [XEN or VM], Solaris zones, separate machines, or any
other technology you choose provides good security for each domain , in
that each is separate and cannot see or interact with any other in normal
circumstances.
The point was made that there ARE specific exploits that can compromise an
entire server, but that's not the purpose of the statement; there was no
intent to diverge into the details of specific VM implementations nor any
issues due to the OS itself.
I believe a comment was made that 'application domain secuirty' can also be
looked as 'application separation', which could be considered analagous.
Lee
