Re: About Xen: maybe a reiterative question but ..

view
thread

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Kevin Stam

Subject: Re: About Xen: maybe a reiterative question but ..

Date: Wednesday, October 24, 2007 - 2:04 pm

You have failed to satisfactorily explain why running a specific application
in a VM is more secure then running it in a standard OS. It's nonsense that
you think it's more secure that way. It saves a lot of money, yes -- you
don't necessarily want a separate box just to run an application - but
that's not the debate here. The debate is about security, and I'm amazed
that you think a virtual environment is somehow more secure then a dedicated
non-virtual environment.

On 10/24/07, L. V. Lammert <lvl@omnitec.net> wrote:
quoted text>
> On Wed, 24 Oct 2007, Theo de Raadt wrote:
>
> > > The security benefits are at the application level, *NOT* at the OS
> level.
> >
> > What hogwash.
> >
> > The security benefits are at the "ability to buy a steak for dinner"
> > level.
> >
> Nah, I like steak, I hate enterprise computing.
>
> > You've already made the decision to decrease security by
> > de-compartmentalizing onto one physical box, so you are just thrilled
> > with the ability to decrease security more by de-compartmentalizing
> > the software further.
> >
> Quite the opposite!! A VM provides a safe, sane, decently
> compartmentalized way to run a specific application domain. It's obvious
> we have different viewpoints, but both are equally valid - your's from the
> OS, mine from the application.
>
>         Lee
>
> ================================================
>   Leland V. Lammert            lvl@omnitec.net
>     Chief Scientist     Omnitec Corporation
> Network/Internet Consultants   www.omnitec.net
> ================================================

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 1:18 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 6:31 am)

Re: About Xen: maybe a reiterative question but .., Paul de Weerd, (Wed Oct 24, 7:50 am)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 8:12 am)

Re: About Xen: maybe a reiterative question but .., Dave Anderson, (Wed Oct 24, 8:45 am)

Re: About Xen: maybe a reiterative question but .., Adam Getchell, (Wed Oct 24, 9:46 am)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 9:59 am)

Re: About Xen: maybe a reiterative question but .. , Jack J. Woehr, (Wed Oct 24, 10:14 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 10:16 am)

Re: About Xen: maybe a reiterative question but .., Marc Espie, (Wed Oct 24, 10:44 am)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 10:45 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 10:48 am)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 11:03 am)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 11:41 am)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 11:57 am)

Re: About Xen: maybe a reiterative question but .., Paul de Weerd, (Wed Oct 24, 12:22 pm)

Re: About Xen: maybe a reiterative question but .., Darren Spruell, (Wed Oct 24, 12:27 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 12:39 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 12:46 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 1:16 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 1:31 pm)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Wed Oct 24, 1:37 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 1:48 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 1:48 pm)

Re: About Xen: maybe a reiterative question but .., Kevin Stam, (Wed Oct 24, 2:04 pm)

Re: About Xen: maybe a reiterative question but .., Daniel Ouellet, (Wed Oct 24, 2:19 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 2:26 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 2:31 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 2:41 pm)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 2:59 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 3:00 pm)

Re: About Xen: maybe a reiterative question but .., Henning Brauer, (Wed Oct 24, 3:14 pm)

Re: About Xen: maybe a reiterative question but .. , Tony Abernethy, (Wed Oct 24, 3:27 pm)

Re: About Xen: maybe a reiterative question but .., Matthew Weigel, (Wed Oct 24, 3:35 pm)

Re: About Xen: maybe a reiterative question but .. , L. V. Lammert, (Wed Oct 24, 3:44 pm)

Re: About Xen: maybe a reiterative question but .. , Jack J. Woehr, (Wed Oct 24, 3:52 pm)

Re: About Xen: maybe a reiterative question but .. , Jeremy Huiskamp, (Wed Oct 24, 4:52 pm)

Re: About Xen: maybe a reiterative question but .., Brian, (Wed Oct 24, 5:06 pm)

Re: About Xen: maybe a reiterative question but .., Darrin Chandler, (Wed Oct 24, 5:43 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 6:14 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 6:20 pm)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Wed Oct 24, 6:27 pm)

Re: About Xen: maybe a reiterative question but .., bofh, (Wed Oct 24, 6:46 pm)

Re: About Xen: maybe a reiterative question but .., Darren Spruell, (Wed Oct 24, 6:46 pm)

Re: About Xen: maybe a reiterative question but .., Brian, (Wed Oct 24, 6:51 pm)

Re: About Xen: maybe a reiterative question but .., Steve Shockley, (Wed Oct 24, 6:53 pm)

Re: About Xen: maybe a reiterative question but .., Darrin Chandler, (Wed Oct 24, 6:54 pm)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Wed Oct 24, 6:57 pm)

Re: About Xen: maybe a reiterative question but .. , Theo de Raadt, (Wed Oct 24, 7:01 pm)

Re: About Xen: maybe a reiterative question but .., Damien Miller, (Wed Oct 24, 7:01 pm)

Re: About Xen: maybe a reiterative question but .., Damien Miller, (Wed Oct 24, 7:05 pm)

Re: About Xen: maybe a reiterative question but .., Tony Abernethy, (Wed Oct 24, 8:07 pm)

Re: About Xen: maybe a reiterative question but .., Karsten McMinn, (Wed Oct 24, 9:15 pm)

Re: About Xen: maybe a reiterative question but .., Lars Hansson, (Wed Oct 24, 9:50 pm)

Re: About Xen: maybe a reiterative question but .., Lars Noodén, (Wed Oct 24, 11:14 pm)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 12:28 am)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 12:37 am)

Re: About Xen: maybe a reiterative question but .., Lars Noodén, (Thu Oct 25, 1:00 am)

Re: About Xen: maybe a reiterative question but .., Richard Toohey, (Thu Oct 25, 1:06 am)

Hardware support for secure virtualization (was: About Xen ..., Rodrigo V. Raimundo, (Thu Oct 25, 3:50 am)

Re: Hardware support for secure virtualization (was: About ..., Stuart Henderson, (Thu Oct 25, 4:13 am)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Thu Oct 25, 6:04 am)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Thu Oct 25, 6:16 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 7:06 am)

Re: About Xen: maybe a reiterative question but .., Adam Getchell, (Thu Oct 25, 7:30 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 8:02 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 9:09 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 9:11 am)

Re: About Xen: maybe a reiterative question but .., Jason Dixon, (Thu Oct 25, 9:23 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 9:26 am)

Re: About Xen: maybe a reiterative question but .., Tom Van Looy, (Thu Oct 25, 9:54 am)

Re: About Xen: maybe a reiterative question but .., L. V. Lammert, (Thu Oct 25, 10:43 am)

Re: About Xen: maybe a reiterative question but .., richardtoohey, (Thu Oct 25, 11:36 am)

Re: About Xen: maybe a reiterative question but .., Subcommander l0r3zz, (Thu Oct 25, 1:36 pm)

Re: About Xen: maybe a reiterative question but .., Matt Rowley, (Fri Oct 26, 5:34 am)

Re: About Xen: maybe a reiterative question but .., Subcommander l0r3zz, (Fri Oct 26, 10:23 am)

Re: About Xen: maybe a reiterative question but .., Shawn K. Quinn, (Sun Oct 28, 11:29 am)

Re: About Xen: maybe a reiterative question but .., bofh, (Sun Oct 28, 2:34 pm)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Sun Oct 28, 3:18 pm)

Re: About Xen: maybe a reiterative question but .., Nick Holland, (Sun Oct 28, 7:31 pm)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Mon Oct 29, 5:43 am)

Re: About Xen: maybe a reiterative question but .., bofh, (Mon Oct 29, 6:11 am)

Re: About Xen: maybe a reiterative question but .., Douglas A. Tutty, (Mon Oct 29, 1:26 pm)

Re: About Xen: maybe a reiterative question but .., Balázs, (Mon Oct 29, 8:56 pm)

Navigation

Popular discussions


linux-kernel:
Mel Gorman	Re: [PATCH 1/4] vmstat: remove zone->lock from walk_zones_in_node
Guenter Roeck	Re: [lm-sensors] Location for thermal drivers
David Woodhouse	Re: RFC: Moving firmware blobs out of the kernel.
Siddha, Suresh B	Re: [PATCH 2.6.21 review I] [11/25] x86: default to physical mode on hotplug CPU k...
Peter Zijlstra	Re: [patch 4/6] mm: merge populate and nopage into fault (fixes nonlinear)
git-commits-head:
Linux Kernel Mailing List	[MIPS] Fix potential latency problem due to non-atomic cpu_wait.
Linux Kernel Mailing List	USB: rename USB_SPEED_VARIABLE to USB_SPEED_WIRELESS
Linux Kernel Mailing List	lib/vsprintf.c: fix bug omitting minus sign of numbers (module_param)
Linux Kernel Mailing List	[Bluetooth] Initiate authentication during connection establishment
Linux Kernel Mailing List	[POWERPC] 4xx: Add ppc40x_defconfig
linux-netdev:
MERCEDES	Your mail id has won 950,000.00 in the MERCEDES Benz Online Promo.for claims send:
David Miller	Re: [PATCH] xen/netfront: do not mark packets of length < MSS as GSO
David Miller	Re: skb_segment() questions
Shan Wei	[RFC PATCH net-next 2/5]IPv6:netfilter: Send an ICMPv6 "Fragment Reassembly Timeou...
Stanislaw Gruszka	[PATCH 1/4] bnx2x: use smp_mb() to keep ordering of read write operations
git:
Nicolas Sebrecht	git-svn died of signal 11 (was "3 failures on test t9100 (svn)")
Junio C Hamano	Re: [PATCH 2/2] Add url.<base>.pushInsteadOf: URL rewriting for push only
Martin Langhoff	Re: [PATCH] GIT commit statistics.
Alexandre Julliard	[PATCH] gitweb: Put back shortlog instead of graphiclog in the project list.
Josh Triplett	[PATCH 2/2] Add url.<base>.pushInsteadOf: URL rewriting for push only
openbsd-misc:
Taisto Qvist XX	Re: AMD GEODE LX-800 just works with kernel from install42.iso and kernelpanics wi...
Nico Meijer	Re: gOS Develop Kit with VIA pc-1 Processor Platform VIA C7-D
Andreas Bihlmaier	Re: jetway board sensors (Fintek F71805F)
admin	Drive a 2009 car from R799p/m
Antti Harri	Re: how to create a sha256 hash

Colocation donated by:

Syndicate