On Thu, May 30, 2013 at 08:46:42AM +0200, Stefan Hajnoczi wrote:
> On Wed, May 29, 2013 at 6:02 PM, Julian Stecklina
> <jstec...@os.inf.tu-dresden.de> wrote:
> > On 05/29/2013 04:21 PM, Stefan Hajnoczi wrote:
> >> The fact that a single switch process has shared memory access to all
> >> guests' RAM is critical. If the switch process is exploited, then that
> >> exposes other guests' data! (Think of a multi-tenant host with guests
> >> belonging to different users.)
> >
> > True. But people don't mind having instruction decoding and half of
> > virtio in the kernel these days, so it can't be that security critical...
>
> No, it's still security critical. If there were equivalent solutions
> with better security then I'm sure people would accept them. It's
> just that there isn't an equivalent solution yet :).
>
> Stefan
Some people would accept them. Others run with selinux off ...

-- 
MST
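The remark about hosts running with SELinux off points at the thing that currently keeps one exploited VM process from reading another tenant's RAM on a KVM host: sVirt, which confines each qemu process under the svirt_t type with its own MCS category pair. The script below is an added example, not code from this thread or from QEMU, and is a check rather than a fix: it verifies that SELinux is enforcing and that every qemu process carries a confined label with a category set shared by no other VM. The function names, the `--live` flag and the sample `ps -eZ` lines are assumptions made for illustration; the label format (user:role:type:sensitivity:categories) and the svirt_t type are standard sVirt.

```shell
#!/bin/sh
# Added example (not from the thread): sanity-check sVirt confinement of
# guest processes on a KVM host.
#
# check_svirt_labels reads `ps -eZ`-style lines on stdin, which is what
# lets it run offline on constructed input. It returns 0 only when every
# qemu-kvm / qemu-system-* process is labelled svirt_t and no two of them
# share an MCS level; an unconfined_t guest or two guests with identical
# categories both defeat the per-VM isolation and are reported on stdout.
check_svirt_labels() {
    awk '
        BEGIN { bad = 0 }
        /qemu-(kvm|system)/ {
            # First field is the SELinux context user:role:type:level,
            # e.g. system_u:system_r:svirt_t:s0:c12,c34
            n = split($1, ctx, ":")
            type = ctx[3]
            level = ctx[4]
            for (i = 5; i <= n; i++) level = level ":" ctx[i]
            if (type != "svirt_t") {
                print "not confined by sVirt: " $0
                bad = 1
                next
            }
            if (level in seen) {
                print "MCS level " level " shared with another guest: " $0
                bad = 1
                next
            }
            seen[level] = 1
        }
        END { exit bad }
    '
}

# check_enforcing succeeds only when SELinux is enabled and enforcing.
# getenforce prints "Enforcing", "Permissive" or "Disabled"; a missing
# binary (no SELinux userspace at all) is treated as a failure.
check_enforcing() {
    [ "$(getenforce 2>/dev/null)" = "Enforcing" ]
}

# Live run on the current host: `sh check_svirt.sh --live`
# (the --live flag is this example's own convention, not a system tool).
if [ "${1:-}" = "--live" ]; then
    rc=0
    check_enforcing || { echo "SELinux is not enforcing"; rc=1; }
    ps -eZ | check_svirt_labels || rc=1
    exit "$rc"
fi
```

On a host that "runs with selinux off" the first check fails outright; on one that has SELinux on but launches guests by hand instead of through libvirt, the second check is the one that usually fails, because the processes end up unconfined or all under the same label.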