North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: OT: Xen
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote: > machine for stuff I know could lead to problems like that. But that brings > up another question, how far isolated are different instances from each > other really? Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs. To get into the host, you'd need to subvert one of the backend drivers via the guest in such a way that you got the ability to run some sort of subversive command in the host. The possibility of a DoS (crash) is much higher than a take-over compromise, but even then it's not something I'd be inclined to worry about deeply. - Matt
|