On Wed, Jan 13, 2010 at 1:31 AM, Ciprian Dorin, Craciun <ciprian.crac...@gmail.com> wrote: > Sorry, but you guys from OpenBSD have proved that you <<can trust > the skills of **some** developers to write an __supposed__ perfectly > secure operating system>>, so why not trust other developers to write > a __supposed__ secure software emulation with the help of hardware. > (Let me say it more simply: we have trust in you, but why don't you > have the disposition to trust in others?)
A lot of OpenBSD's security comes from a model of "bad things can and will happen" and trying to mitigate the damage, ala privilege separation. We don't assume the code is perfect, we assume it's NOT. Combining virtual servers onto a single physical machine is the exact opposite of that philosophy.
