Theo de Raadt said in the past about virtual machines: >A few of us just spent some time again debugging an application level >problem ... and once again realized that the application was running >on OpenBSD inside the Innobox's VirtualBox VM.
>Argh. >http://www.virtualbox.org/ticket/639 >Sun owns InnoTek now because I think they wanted a VM product, but the product is badly broken. >When that VM is running, we end up with bugs that make it quite >clear that cpu registers are being corrupted in some instances. >We don't know how other operating system products continue running >when the userland ecx register gets clobbered on a return from a page >fault, but at least people should be aware that there is likely some >security risk from running that product. >That VM does not emulate the x86 correctly, (either). >In the last while, approximately one third of x86 (i386/amd64) dmesg's >are from VM's. >This is annoying, because VM's to some extent make the base machines >so much more uniform, so these are not the best test results for us to >see. We've had to make changes to a lot of drivers to cope with the >VM's having bugs. >This massive move towards VM use is a worrying trend and I am scared >of the side effects we will face from so many people (essentially) >choosing to run 3 operating systems instead of 1 ... and doing this >when their guest choice is 'OpenBSD for security'. I really wonder >how people arrive at such a position... without logic or technological >understanding, I suppose. I would like to know what does Theo think about virtual machines. Just curiosity.
