Gabriel Ambuehl <[EMAIL PROTECTED]> wrote: > As I said, in such setups you probably don't even want them to run in > the same address space. If you got goobs of memory and CPU, the security > aspect is well worth the few percent performance hit of running it > inside Xen or something similar and once we get hardware virtualization > in commodity X86 chip it will be even more important to be able to do it.
I don't understand what this has to do with Xen or similar approaches. Every process has it's own address space anyway. And if there are local root exploits, they need to be fixed, just as security flaws that might exist in Xen or whatever. Just the fact that Xen enables you to run several operating system instances does not increase security. Johannes
