chroot breakout (was: Xen 2.0 Virtual Machine)

Brian Densmore DensmoreB at ctbsonline.com
Mon Nov 8 09:28:26 CST 2004


-----Original Message-----
> From: Garrett Goebel
>
>> Have you tried to just chroot into another one? 
> For _a_ test environment, that's fine. But not for
> running multiple simultaneous test environments, 
> or giving away root accounts. 

Are you saying that you can't open up multiple CLIs
and run chroot in as many simultaneous instances as
memory and disk space allow?

[somewhat OT: ]
Also, if one can break out
of a chroot environment then they have the skill to
own the machine anyway. You need to be able to find and
use a security flaw on the machine that would give you
root access and have access inside of the chrooted
environment to a compiler or Perl interpreter. So the
fact that one could own a machine from inside a chroot
environment doesn't increase the possibility that 
someone could get root access. Although what that has to
do with wanting to run a VM, which is what this thread is
about, eludes me. In order to run a VM a user would need
an account on your box, and if they are going to crack
your system and have the knowledge to break out of a 
chrooted environment, then they can own your box from 
their user account.



