On Wed, May 29, 2013 at 6:02 PM, Julian Stecklina
<jstec...@os.inf.tu-dresden.de> wrote:
> On 05/29/2013 04:21 PM, Stefan Hajnoczi wrote:
>> The fact that a single switch process has shared memory access to all
>> guests' RAM is critical.  If the switch process is exploited, then that
>> exposes other guests' data!  (Think of a multi-tenant host with guests
>> belonging to different users.)
>
> True. But people don't mind having instruction decoding and half of
> virtio in the kernel these days, so it can't be that security critical...

No, it's still security critical.  If there were equivalent solutions
with better security then I'm sure people would accept them.  It's
just that there isn't an equivalent solution yet :).

Stefan
