Y
Hacker News
new
|
ask
|
show
|
jobs
by
startling
3528 days ago
Sure, it can go either way. But in the absence of a kernel 0-day, segregating services on the same host is useful.
1 comments
AstralStorm
3527 days ago
And if a kernel 0-day is available, putting the services in a VM might help. Depending on whether an exploitable bug in the hypervisor exists.
link