by zurn 4447 days ago
How is the isolation in Xen better than Chrome sandboxes - do you mean the attack surface is smaller, the code quality better, or the task somehow inherently simpler/easier?

From where I sit, vulnerabilities in virtualization have seen less public scrutiny than the Chrome sandbox. Eg none of the hypervisor vendors have a bug bounty program, which would be at least some kind of signal.


The attack surface of a paravirtualized Xen VM to its hypervisor is much smaller than a Linux application talking to the Linux kernel.

Of course it's not perfect, but Xen has a pretty good track record. And a significant chunk of the flaws that have been found in Xen were found by the Qubes devs.

The Chrome sandbox setup doesn't correspond to a regular Linux application talking to the kernel though. It has a 2-layer sandbox, with the seccomp-bpf and setuid sandboxes. They restrict the kernel interface to a whitelisted subset.