1 |
> Yes, since using a chroot jail (even a hardened one - guess you mean |
2 |
> grsec protection or similar) means nevertheless sharing of process |
3 |
> environment and devices. In addition, all chroot instances are using the |
4 |
> same kernel - using a full virtualisation will provide its own kernel |
5 |
> for each guest, so a vulnerability in one of these environments won't |
6 |
> necessarily effect the other instances. |
7 |
|
8 |
How stable is VMWare? |
9 |
Can a hacked instance of VMWare bring down the entire system? |
10 |
|
11 |
-- |
12 |
gentoo-hardened@g.o mailing list |