Can Erkin Acar wrote:

quoted text
> L. V. Lammert wrote:

>> At 05:12 PM 10/24/2007 +0200, Henning Brauer wrote:

>>> * L. V. Lammert  [2007-10-24 16:46]:

>>>> Virtualization provides near absolute security - DOM0 is not visible to

>>>> the user at all, only passing network traffic and handling kernel calls.

>>>> The security comes about in that each DOMU is totally isolated from the

>>>> the others, while the core DOM0 is isolated from any attacks.

>>> dream on.

>>> that is what marketing wants to tell you.

>>> in fact the isolation is incredibly poor.

>> Sorry, the kernel hacking world is pretty far removed from 'enterprise

>> reality' !!

>> In reality, there are tons of SMEs out there using MS Crap and other risky

>> software! The few security risks you cite for XEN are negligable by comparison.

>

> When all this crap/risky software is running on separate boxes, you only

> have

> the network as an attack path to the other crap. This path is well

> understood,

> and there are established policies, best practices, tools that you can

> use to

> control and monitor your network.

Contrariwise, there is *some* security benefit to running all the

services virtualized, compared to running all the services on the same

machine but *not* virtualized.  In that case, though, you're not getting

any improved resource utilization, and you're going with a very

complicated and unaudited system (with arbitrary code execution bugs

coming to light *this month*) to achieve "improved security."
You can achieve a lot of the  promises of virtualized servers (with

fewer moving parts, and more code audits) using chroot and login classes

to run many services on a single big machine.

--

 Matthew Weigel

 hacker

 unique@idempot.net