Drive hacks (Was:Re: [Pc_Support] Re: VMware pre-made virtual
guests)
Carter Manucy
carter at carter.cc
Sun Aug 6 12:09:19 EDT 2006
Bryan J. Smith wrote:
> Well, I'm just concerned about kernel hacks in general.
>
> I mean, I've basically got to leave the network interface "open" on
> the host OS, so the guest OS can use it.
>
What if you don't bind TCP/IP to the host? I do this routinely...
either that, or just give the host some kind of bogus IP on the NIC,
then let the guest actually assign the 'correct' IP.
Obviously if you don't have individual cards for the different interface
or if you're not able to VLANs, this could be a bigger issue... but I
don't think there's really anything you can do if the host isn't bound
to the same NIC. I've yet to see even a hint of someone being able to
break out of a VM... and although VMWare is no IBM, the IBM "VM's" on
their AS/400's have been around for a long, long time, with nary a worry
(so far as I know) about being able to break out of one VM and either
get to the host or get to another VM.
As a side note, in ESX, you get your own Layer-2 virtual switch 'built
in' to the OS that handles all of the traffic.
-Carter
More information about the Pc_support
mailing list