Re: obsd as domU?

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ted Unangst

Date: Wednesday, January 13, 2010 - 10:11 am

On Wed, Jan 13, 2010 at 1:31 AM, Ciprian Dorin, Craciun
<ciprian.craciun@gmail.com> wrote:
quoted text>    Sorry, but you guys from OpenBSD have proved that you <<can trust
> the skills of **some** developers to write an __supposed__ perfectly
> secure operating system>>, so why not trust other developers to write
> a __supposed__ secure software emulation with the help of hardware.
> (Let me say it more simply: we have trust in you, but why don't you
> have the disposition to trust in others?)

A lot of OpenBSD's security comes from a model of "bad things can and
will happen" and trying to mitigate the damage, ala privilege
separation.  We don't assume the code is perfect, we assume it's NOT.
Combining virtual servers onto a single physical machine is the exact
opposite of that philosophy.

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

obsd as domU?, Vadkan Jozsef, (Tue Jan 12, 12:59 am)

Re: obsd as domU?, Michiel van Baak, (Tue Jan 12, 1:09 am)

Re: obsd as domU?, Bret Lambert, (Tue Jan 12, 1:10 am)

Re: obsd as domU?, Ciprian Dorin, Craciun, (Tue Jan 12, 1:41 am)

Re: obsd as domU?, Bret Lambert, (Tue Jan 12, 2:14 am)

Re: obsd as domU?, J.C. Roberts, (Tue Jan 12, 10:43 pm)

Re: obsd as domU?, Ciprian Dorin, Craciun, (Tue Jan 12, 11:31 pm)

Re: obsd as domU?, Bret S. Lambert, (Tue Jan 12, 11:43 pm)

Re: obsd as domU?, Ciprian Dorin, Craciun, (Tue Jan 12, 11:55 pm)

Re: obsd as domU?, Henning Brauer, (Wed Jan 13, 12:04 am)

Re: obsd as domU?, Eric Furman, (Wed Jan 13, 12:08 am)

Re: obsd as domU?, bofh, (Wed Jan 13, 4:38 am)

Re: obsd as domU?, William Boshuck, (Wed Jan 13, 4:50 am)

Re: obsd as domU?, Marco Peereboom, (Wed Jan 13, 6:54 am)

Re: obsd as domU?, Peter N. M. Hansteen, (Wed Jan 13, 7:38 am)

Re: obsd as domU?, bofh, (Wed Jan 13, 7:59 am)

Re: obsd as domU?, Chris Dukes, (Wed Jan 13, 8:45 am)

Re: obsd as domU?, Chris Dukes, (Wed Jan 13, 9:25 am)

Re: obsd as domU?, Diana Eichert, (Wed Jan 13, 10:10 am)

Re: obsd as domU?, Ted Unangst, (Wed Jan 13, 10:11 am)

Re: obsd as domU?, SJP Lists, (Mon Jan 18, 2:50 am)

Re: obsd as domU?, Kenneth R Westerback, (Thu May 20, 6:44 pm)


linux-kernel:
Ingo Molnar	Re: [patch 00/13] Syslets, "Threadlets", generic AIO support, v3
Andi Kleen	[PATCH] [0/35] Some x86 2.6.22 candidate patches for review
Andrew Morton	Re: [PATCH] lazy freeing of memory through MADV_FREE 2/2
Peter Zijlstra	Re: [RFC PATCH 1/2] Marker probes in futex.c
Vivek Goyal	[PATCH] x86_64: Display more intutive error message if kernel is not 2MB aligned
git:
Felipe Contreras	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
Johannes Schindelin	[PATCH] fetch: refuse to fetch into the current branch in a non-bare repository
Johannes Schindelin	Re: [PATCH] Fix install-doc-quick target
Peter Oberndorfer	Subject: [PATCH] fix stg edit command
Nicolas Pitre	Re: About git and the use of SHA-1
linux-netdev:
Ursula Braun	[patch 2/8] [PATCH] af_iucv: sync sk shutdown flag if iucv path is quiesced
David Dillow	Re: [PATCH 2.6.30-rc4] r8169: avoid losing MSI interrupts
Andi Kleen	Re: RFC: Nagle latency tuning
Paul E. McKenney	Re: [PATCH 1/3] rcu: Introduce hlist_nulls variant of hlist
Russell King	Re: [BUG] New Kernel Bugs
git-commits-head:
Linux Kernel Mailing List	sh: Fix compile error by operands(mov.l) in sh3/entry.S
Linux Kernel Mailing List	New device ID for sc92031 [1088:2031]
Linux Kernel Mailing List	e1000e: Expose MDI-X status via ethtool change
Linux Kernel Mailing List	powerpc/kexec: Add support for FSL-BookE
Linux Kernel Mailing List	drivers/acpi: use kasprintf
openbsd-misc:
Andres Salazar	About priorities in /etc/resolv.conf
Rob Shepherd	x86 hardware for router system
Henning Brauer	Re: Sun Blade 1000?
Mitja Muženič	Re: isakmpd -- NCP IPsec client: peer proposed invalid phase 2 IDs
Damien Miller	Re: Patching a SSH 'Weakness'