Ok, so virtual machines for x86 (VirtualBox, VMware, etc) does not necessarily
give you additional security. "Security by virtualization is a failure":
http://www.serverwatch.com/tutorials/article.php/3905096/Use-Virtual-8086-Mode-to-Secure-Virtual-Servers.htm
I wonder, how does the Solaris Zone
On 12/27/10 05:34, Orvar Korvar wrote:
> Ok, so virtual machines for x86 (VirtualBox, VMware, etc) does not
> necessarily give you additional security. "Security by virtualization is a
> failure":
> http://www.serverwatch.com/tutorials/article.php/3905096/Use-Virtual-8086-Mode-to-Secure-Virtual-S
Ok, thanks. So, Solaris zones are probably not susceptible to these kind of
attacks, it seems.
But I was considering running VirtualBox in each local zone and surf from the
VirtualBox virtual machines. So, in that case, then you can exploit that attack
in each local zone. But you could not acce
> But I was considering running VirtualBox in each local zone and surf from the
> VirtualBox virtual machines. So, in that case, then you can exploit that
> attack in each local zone. But you could not access the other local zones,
> because of underlying Zone model?
As a part of VBox is locate
On 12/27/10 08:15, Orvar Korvar wrote:
> Ok, thanks. So, Solaris zones are probably not susceptible to these kind of
> attacks, it seems.
>
> But I was considering running VirtualBox in each local zone and surf from the
> VirtualBox virtual machines. So, in that case, then you can exploit that
On (12/27/10 08:26), James Carlson wrote:
> That's not quite what I'd call "simple," but I guess it's a matter of
> taste. That uses VNICs and exclusive IP stack zones, which wasn't what
> I was describing in my previous message. Doing it that way means that
> you have to grant privileges to the
In message <1922922131.01293446116372.javamail.tweb...@sf-app1>, Orvar Korvar w
rites:
>BTW, My original plan does not work. I have SunRay clients, which means I can
>not shutdown the global zone's NIC - because then the SunRay will stop functio
>n. I must somehow separate local zones traffic, fro
On Mon, Dec 27, 2010 at 02:34:45AM -0800, Orvar Korvar wrote:
> Ok, so virtual machines for x86 (VirtualBox, VMware, etc) does not
> necessarily give you additional security. "Security by virtualization
> is a failure":
> http://www.serverwatch.com/tutorials/article.php/3905096/Use-Virtual-8086-Mod