On Wed, 22 Sep 2010 15:29:59 -0400 (EDT), Mark Allums wrote:
I am probably way late on this one, but that maneuver is a nonstarter.
Nested Virtualization is very difficult and kind of pointless. A few
security researchers[0] have done it, mostly as a stunt to prove a
technical point, but it is very unstable. You *can* run DOSbox in a VM,
but generally the question is, why would you?
That may be true for some virtualization software, but not for all.
My "day job" is as a system programmer for IBM mainframe systems,
and among my duties is responsibility for a z/VM system. In z/VM,
nested virtualization is not difficult, pointless, or unstable. I routinely
install a new release of z/VM in a virtual machine running under
the production release of z/VM, for example. There's even instructions
in IBM's installation manuals for how to do this.
z/VM is probably the most robust virtualization platform available
anywhere, having been developed, tweaked, and honed by IBM since 1967.
But it has two distict disadvantages: (1) it is proprietary, for-charge
software and (2) it only runs on IBM mainframes.