Aaron Mason escreveu: > Hi, > > It has also been a vision of mine to run OpenBSD-based VPS, though at > this point the only way to achieve that is by true virtualization - > hence, I would like to propose that we attempt to bring OpenVZ > capabilities to the OpenBSD kernel. The biggest problems lie in > allowing the kernel to be forked and virtual devices supplied to it, > and allowing new instances of the kernel to be forked under the higher > security levels. In fact, even allowing the kernel to be forked at > all opens a can of worms security wise (recall the Blue Pill POC?). > I think the way to go here would be OpenBSD jails? Its very similar in performance to what OpenVZ in Linux IMHO. But if you are talking about running a OpenBSD VM to provide some comercial jails you will need at least hardware assisted virtualization, and i read a lot of times that virtualizating a OS don't make the host secure, don't know for deep the why's here.
My 2 cents, HTH > Thanks > > Regards
