> Its not that simple. This assumes (as does C) that there is an unknown > attack vector exploitable from a compromised Leaf system, which the > attacker knows about and has not been patched. Simply breaking into > virtual Leaf will not provide you with access to the host system.
I see, so you're supposing there isn't an exploit? How do you "prove a negative"? Look, in principle I very much approve of virtual machines. I ran a commercial IBM VM/SP system on a mainframe in the mid-80's. But even VM, with a history that ran back to 1967, had a "rubber room" project at Share for the university student environment. There were STILL security & management issues 20 years later. Only recently have IA machines been given hardware enhancements that make full virtualization a viable prospect. There is ONE thing I agree with Bill Gates about--the 286 was born "brain damaged". But it was an attempt to bring virtualization to IA, and failed miserably. That said, there are real differences between physical machines and virtual machines. Virtual machines are not isolated as are physical machines. Sometimes that's a good thing, sometimes bad, sometimes neither. The real problem is the one which has always been Windows' downfall. For all that virtualization buys you, there are always situations where people discover that what they (think they) want to do would be greatly enhanced if there could be more "co-operation" between different components. They just think about what they want to do, or what they want to sell, not about how it opens up possibilities for other "uses". Look at IP. Security & utility are generally at cross-purposes. Which do you want? > I suppose there might be ways that a skilled hacker could break through > once he's taken control of LEAF. He'd still need the tools for it though > and with only the bare minimum available I fail to see where he'd get > them. Back in the day, I had a SLMR tagline that said: "Real programmers type C:> COPY CON: PROGRAM.EXE". That was funny in the days of standalone DOS and keyboards. But in a networked system it ain't so funny! It goes back to that "co-operation" point I made above. > Using VMware however I have no reason for any other type of access than > console, so in order to get access to the LEAF box one would first have > to gain control over an internal machine capable of running VMware > console. Essentially this would be the only reason for not using VM, > being unable to force physical access only. -- Paul Rogers [EMAIL PROTECTED] http://www.xprt.net/~pgrogers/ Rogers' Second Law: "Everything you do communicates." (I do not personally endorse any additions after this line. TANSTAAFL :-) -- http://www.fastmail.fm - mmm... Fastmail... ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
