- Previous message: Peter Dambier: "Re: OT: Xen"
- Maybe in reply to: David Lesher: "OT: Xen"
- Next in thread: Matthew Palmer: "Re: OT: Xen"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Matthew Palmer (no email)
Date: Mon Apr 03 2006 - 18:11:32 EDT
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:
> machine for stuff I know could lead to problems like that. But that brings
> up another question, how far isolated are different instances from each
> other really?
Fairly well -- a lot better than (eg) vservers, and almost certainly better
than UMLs. To get into the host, you'd need to subvert one of the backend
drivers via the guest in such a way that you got the ability to run some
sort of subversive command in the host. The possibility of a DoS (crash) is
much higher than a take-over compromise, but even then it's not something
I'd be inclined to worry about deeply.
- Matt
|
|
|