On Wed, 7 Jun 2006, Colm MacCarthaigh wrote:
> marginally more security than a chroot. As the user still gets
> native raw access to the hardware,
Aha, but they don't...
In, e.g., Xen disk, network and physical memory is all virtualised
and the guest OS does not have access to PCI.
(That said you /can/ assign a PCI device to a guest domain - but only
to one. The only way to share a disk controller is to virtualise
access to it via the hypervisor and domain0).
regards,
--
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
Fortune:
Support your right to arm bears!!
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
