> An "old-school" type, like myself, is also reassured somewhat, by
> allocating only what dom0 would only ever need - net services,
> compiling, running programs, etc. is isolated to domu's. Then, in the
> event dom0 is ever compromised (though very highly unlikely), or even
> if I accidentally start something there, dom0 can't take memory away -
> a DoS prevention, of sorts...
With all honesty, I can't see why would anyone want to put development
tools on the Dom0 in the first place. Actually, why would you run any
services (besides maybe SSH) there?
I run my Dom0's as minimal as possible. If there is a need to compile
anything I do it on a separate machine or in a DomU configured
specifically for development.
Xen-users mailing list