0

I've read many forums and blogs and articles comparing OpenVZ, KVM and XEN. And I have seen many times that one of the negatives of OpenVZ is that its less secure. However, I have yet to see an explanation as to how and why it is less secure other than the fact that OpenVZ uses a shared kernel.

I assume that if the host is compromised for any of these virtualization technologies, the containers can easily be accessed. So from that perspective, they are the same.

Is it easier to break out of the OpenVZ container and gain access to the host/other containers?

Is there some other way that OpenVZ is less secure?

Thanks.

mhost
  • 1,179
  • 3
  • 16
  • 25
  • [OpenVZ compared to other virtualization technologies](http://en.wikipedia.org/wiki/OpenVZ#OpenVZ_compared_to_other_virtualization_technologies) –  Jan 17 '14 at 21:02

1 Answers1

1

Openvz containers are using the main node kernel to operate, each container doesn't have its own kernel this is called virtualization on the OS level so if there is an exploit in the main node kernel may lead to an hacker compromise the main node and gain access to it, in the other virtualization technologies like kvm or xen every virtual machine has its kernel.

But actually openvz didn't have a big history with exploits that's may lead to gain main node access. Any way i prefere kvm or xen or any full virtualization technology if iam interested in more safety.

If you are going to use openvz just make sure your kernel is updated.

user205537
  • 69
  • 1
  • 7