nanog mailing list archives
Re: OT: Xen
From: Matthew Palmer <mpalmer () hezmatt org>
Date: Tue, 4 Apr 2006 08:11:32 +1000
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:
machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?
Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs. To get into the host, you'd need to subvert one of the backend drivers via the guest in such a way that you got the ability to run some sort of subversive command in the host. The possibility of a DoS (crash) is much higher than a take-over compromise, but even then it's not something I'd be inclined to worry about deeply. - Matt
Current thread:
- Re: OT: Xen, (continued)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Eric Frazier (Apr 03)
- Re: OT: Xen Valdis . Kletnieks (Apr 03)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Michael . Dillon (Apr 03)
- Message not available
- Re: OT: Xen Eric Frazier (Apr 03)
- Re: OT: Xen Todd Vierling (Apr 03)
- Re: OT: Xen Peter Dambier (Apr 03)
- Re: OT: Xen Valdis . Kletnieks (Apr 03)
- Re: OT: Xen Christopher L. Morrow (Apr 03)
- Re: OT: Xen Matthew Palmer (Apr 03)
- Re: OT: Xen Stephane Bortzmeyer (Apr 04)
- Re: OT: Xen Matthew Palmer (Apr 03)