3 Apr
2006
3 Apr
'06
6:11 p.m.
On Mon, Apr 03, 2006 at 12:05:25PM -0700, Eric Frazier wrote:
machine for stuff I know could lead to problems like that. But that brings up another question, how far isolated are different instances from each other really?
Fairly well -- a lot better than (eg) vservers, and almost certainly better than UMLs. To get into the host, you'd need to subvert one of the backend drivers via the guest in such a way that you got the ability to run some sort of subversive command in the host. The possibility of a DoS (crash) is much higher than a take-over compromise, but even then it's not something I'd be inclined to worry about deeply. - Matt