OpenVZ is doing fine as well ;)
Posted Dec 16, 2005 18:02 UTC (Fri) by
dev (guest, #34359)
In reply to:
OpenVZ is doing fine as well ;) by nnnn
Parent article:
The first stable OpenVZ release
No, we are not hiding security fixes and participate in security@kernel.org.
But as you can see both OpenVZ and vserver add additional layer inside the kernel and to some extent actually introduce a new security model. And this security model should be review/checked/thinked over. For example, when you have a kernel bug which allows 'root' user to crash your node it is usually ok, since root is a priviledges and trusted user. In OpenVZ/vserver model root is untrusted user. See the difference? Just an example...
(
Log in to post comments)
