[CentOS] ESXi, KVM or Xen?
David McGuffey
davidmcguffey at verizon.netSat Jul 3 12:01:33 UTC 2010
- Previous message: [CentOS] ESXi, KVM or Xen?
- Next message: [CentOS] ESXi, KVM or Xen?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 2010-07-03 at 11:52 +0800, Emmanuel Noobadmin wrote: > 2. Security > Some sites point out that KVM VM runs in userspace as threads. So a > compromised guest OS would then give intruder access to the system as > well as other VMs. > > Should I really be concerned or are these worries only for extreme > situations and that KVM is viable for normal production situations? > Are there other things I should be aware of? > As I understand it each VM under kvm has a different SELinux context. Breaking into one VM doesn't give you the context to manipulate another. One would have to go back out through the network to attack the next VM...and if you have decent logging and IDS the noise should be seen/detected. I went with kvm specifically because it is integrated into SELinux. Dave M
- Previous message: [CentOS] ESXi, KVM or Xen?
- Next message: [CentOS] ESXi, KVM or Xen?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list