Re: [Users] SIMFS users

Wed, 22 Jul 2015 19:32:03 -0700 

On 07/22/2015 11:31 AM, Gena Makhomed wrote:

my point is there will always be bugs... but to point at a bug report
and give up saying that it isn't stable because of bug report x... or
that some people have had panics at some point in history... well,
that isn't very reflective of the overall picture. ! Nothing
personal.  We just disagree on a few topics.  We probably agree on
way more things though.


Yes, you are right, this is not very reflective,
but in first approximation - you can easy evaluate
complexity of code by past bugreports, also evaluating
code quality by cound of vulnerabilities is common practice,
for example, postfix scored as high code quality mail server
and sendmail/exim as low code quality mail servers
only on history of vulnerabilities in the past.


Sure, you can compare similar software, say sendmail vs exim vs postfix,

or Chrome vs Firefox. Even then, though, you can fall into a statistics 
trap --

the number of bugs found also depends on number of users, diversity of
use cases. It depends greatly on how many security experts are looking
into code.

For example, at a conference I heard that KVM appears to be

less secure than Xen, and this conclusion was based on number of 
vulnerabilities
discovered during last 3 years or so. A guy from the audience raised his 
hand,
and said he's a security team leader at Google, and that for the last 
few years
they were looking into KVM, trying to make it more secure, so the higher 
amount

of KVM vulnerabilities is basically the result of his team's work.

So, to conclude, you can compare similar products by number of bugs, but
without compensating for many other factors the results of your comparison
can very well be misleading.

Now, what do you want to compare OpenVZ with? LXC? Linux-VServer?
Upstream kernel? RHEL kernel? Ubuntu kernel?


Speaking of live migration in particular, there are basically only two 
complete

implementations of it, both coming from OpenVZ, so you can only compare

OpenVZ in-kernel checkpoint/restore with OpenVZ Checkpoint/Restore In 
Userspace

aka CRIU. Believe me, we do it on a daily basis :)

_______________________________________________
Users mailing list
Users@openvz.org
https://lists.openvz.org/mailman/listinfo/users





























					Reply via email to