Friday, March 24, 2006

TUT105: Virtual Machines and Security

This session lasted 22 minutes. Let me summarize:

Using separate servers to separate your stuff is the most effective way to separate things, but it is the most expensive.

Using VMs to separate virtual servers is a bad idea, since the VM can be escaped pretty easilly. Even Xen. Even VMWare. Medium cost, doesn't give you much.,

AppArmor wraps around applications so they can't misbehave. It is cheap, and gives you a lot. Use it.

The end.

Unsatisfying in detail, but there you are.

