On Wed, 24 Oct 2007, L. V. Lammert wrote: > I still stand by my original statement. Running application 'domains' in > VMs instead of on a single server increases security.
It no worse security-wise to run applications on VMs rather than on the one OS, but that isn't the only choice - is it? You obviously didn't read Tavis' virtualisation security paper. VM escape vulnerabilites are not theoretical. Tavis found vulnerabilities in every VM he tested using only a couple of fuzzers. Please stop pretending that virtualisation is about security, it isn't. The benefits are cost savings and decoupling applications from hardware. -d
