On 10/25/07, Daniel Ouellet <[EMAIL PROTECTED]> wrote: > So, if I take your point or 'applications domain' and and translate this > in more practical term and stop using words out of the far fetch paper > and use more pragmatic day to day example. You argue that in this case, > if a setup is using VM for the virtual hosting would be more secure, > assuming disk space, IP's, CPU power, rack space, etc is not consider > here. That this setup would be more secure? > > I think in this case, we can all agree yes it would be, more secure. > Absolutely secure however, no. I guess many are arguing that point and > that needs to be put in perspective.
I think the point most people were making is that this is not true. Take any common example, php hosting web server, windows, etc. All these have easily exploitable holes. OK, now one of your guest boxes is exploited. All you need is a guest->host exploit, and you've been crapped upon. In the separate physical box scenario, all the screwed up box would have access to, is the network. In this VM case, it has access to everything that runs in dom0. -- "This officer's men seem to follow him merely out of idle curiosity." -- Sandhurst officer cadet evaluation.
