Virtualization has its values, but neither -security- nor -isolation from all problems- is among them. And that is so, whether a chroot, jail, virtual machine, or "hypervisor" solution is selected.
Before anyone asks -- yes, even "firmware" hypervisor virtual machine systems, such as those used in mainframe systems since the 1970s, or on large-scale Unix servers beginning in the late 1990s. Even today, on the most modern systems, a failure of a component in one virtual machine can require that the entire platform be reset, affecting all virtual machines. Firmware in microcode on the hardware platform is still software, written by human beings.