Don Jackson wrote:
I wanted to add my 2 cents to this thread.
Ignoring the debate/flamage on this thread regarding the security
merits/risks of virtualization, I beleive there are a number of us who
would like the option to run OpenBSD as a guest under various virtual
machine frameworks. Even if it is less secure than dedicating a
machine to the problem at hand.
I would also like to see OpenBSD as an option for both Xen Dom0/DomU
installations. After reading this thread, I've learned a lot about VM
security issues. Personally, I'd feel more a bit more secure having
OpenBSD host a Windows or Linux guest, rather than the reverse.
I don't think it would be appropriate to have Xen included with the
stock OpenBSD kernel/distribution, due to both the security issues, and
license issues (Xen is GPL). It may be better for the project to have
Xen available as a port, which would include the hypervisor, kernel
images, and the associated tools. The port could also contain useful
documentation on the security implications of using VM technology.
Whether the OpenBSD developers would bless a Xen port is the next
question...
--
Sincerely,
Kirk Ismay
System Administrator
--
Net Idea
201-625 Front Street Nelson, BC V1L 4B6
P:250-352-3512 | F:250-352-9780 | TF:1-888-352-3512
Check out our brand new website! www.netidea.com
