I wanted to add my 2 cents to this thread.
Ignoring the debate/flamage on this thread regarding the security
merits/risks of virtualization, I beleive there are a number of us who
would like the option to run OpenBSD as a guest under various virtual
machine frameworks. Even if it is less secure than dedicating a
machine to the problem at hand.
Like it or not, Xen is a very popular VM environment. (Granted, this
may change if Citrix makes changes that people can't live with)
One of the most interesting services supporting Xen is the Amazon EC2
service, where you can buy time on their cloud to run VMs. I'd like
to be able to build/define/buy AMIs that are based on OpenBSD, and run
them on the EC2 cloud. If my application ever needs dedicated
hardware, I'll move to that, and I'd remove the VM layer, and I'd
gain more security, and more performance.
http://www.amazon.com/gp/browse.html?node=201590011
Today, one has no choice but to run Linux-based AMIs on EC2. It would
be great if people could define and build OpenBSD 'software
appliances' that could be deployed both standalone and virtualized.
The ability to participate in VM ecosystems like EC2 would benefit the
broader OpenBSD initative.
So, if the changes to OpenBSD to support running under VM frameworks
can be made without reducing the security/stability/performance of
OpenBSD when it is NOT running under VM, and if these changes can be
made with licensing terms that are consistent with the OpenBSD license
(and acceptable to Theo), then I would really like to see this happen.
Don
