> But suppose I want to build a multi-user system. I could have e.g. 1000 accounts with some 50 of them logged in concurrently. Not an issue with a single kernel resource wise (depending on the HW of course). But running 50 VMs just to get stronger privacy???
I think you missed the part of his comment where he clarifies that he's talking about container-style virtualization (vserver/lxc), not emulated-hardware-style virtualization (kvm/xen).
You can indeed have 50 "VMs" that are all running under the same kernel, with almost no overhead versus running all the same processes in a single "VM". (The information about which VM each process belongs to is just some extra bits in the task struct in the kernel.)