Can Erkin Acar wrote: > L. V. Lammert wrote: >> At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote: >>> * L. V. Lammert <[EMAIL PROTECTED]> [2007-10-24 16:46]: >>>> Virtualization provides near absolute security - DOM0 is not visible to >>>> the user at all, only passing network traffic and handling kernel calls. >>>> The security comes about in that each DOMU is totally isolated from the >>>> the others, while the core DOM0 is isolated from any attacks. >>> dream on. >>> that is what marketing wants to tell you. >>> in fact the isolation is incredibly poor. >> Sorry, the kernel hacking world is pretty far removed from 'enterprise >> reality' <not that it's a bad thing - I often wish it were that simple>!! >> In reality, there are tons of SMEs out there using MS Crap and other risky >> software! The few security risks you cite for XEN are negligable by >> comparison. > > When all this crap/risky software is running on separate boxes, you only > have > the network as an attack path to the other crap. This path is well > understood, > and there are established policies, best practices, tools that you can > use to > control and monitor your network.
Contrariwise, there is *some* security benefit to running all the services virtualized, compared to running all the services on the same machine but *not* virtualized. In that case, though, you're not getting any improved resource utilization, and you're going with a very complicated and unaudited system (with arbitrary code execution bugs coming to light *this month*) to achieve "improved security." You can achieve a lot of the promises of virtualized servers (with fewer moving parts, and more code audits) using chroot and login classes to run many services on a single big machine. -- Matthew Weigel hacker [EMAIL PROTECTED]
