From: Jan Hudec <bulb@ucw.cz>
To: David Wagner <daw@mozart.cs.berkeley.edu>
Cc: linux-kernel@vger.kernel.org
Subject: Re: Simple patches for Linux as a guest OS in a plex86 VM (please consider)
Date: Sat, 25 Jan 2003 13:00:38 +0100 [thread overview]
Message-ID: <20030125120038.GL693@vagabond> (raw)
In-Reply-To: <b0sqag$mau$1@abraham.cs.berkeley.edu>
On Sat, Jan 25, 2003 at 01:46:56AM +0000, David Wagner wrote:
> Lars Marowsky-Bree wrote:
> >All alternatives I have seen to UML (plex, vmware, UMLinux) suck IMHO.
>
> It seems plausible to expect that it might be easier to verify security
> in plex86-based approaches than it is to verify security in UML.
IIRC plex86 requires quite large module on the host. And I am not sure
it's does not have any privilegies. Umlinux requires no or very minimal
(thus easy to check for insecurities) patch to kernel and does not need
any privilegies (except the helper that sets up networking, but that's
pretty minimalistic too). If you properly chroot the umlinux process,
it's very secure (the skas mode will only work in chroot once it's made
to use syscall).
-------------------------------------------------------------------------------
Jan 'Bulb' Hudec <bulb@ucw.cz>
next prev parent reply other threads:[~2003-01-25 11:51 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20030122182341.66324.qmail@web80309.mail.yahoo.com.suse.lists.linux.kernel>
2003-01-22 19:16 ` Simple patches for Linux as a guest OS in a plex86 VM (please consider) Andi Kleen
2003-01-22 19:30 ` Kevin Lawton
2003-01-23 5:11 ` Kevin Lawton
2003-01-23 5:50 ` Kai Germaschewski
2003-01-23 7:00 ` Kevin Lawton
2003-01-23 7:24 ` Andrew Morton
2003-01-23 15:41 ` Kevin Lawton
2003-01-24 15:49 ` Pavel Machek
2003-01-24 17:14 ` Kevin Lawton
2003-01-24 18:02 ` Lars Marowsky-Bree
2003-01-25 1:46 ` David Wagner
2003-01-25 12:00 ` Jan Hudec [this message]
2003-01-27 12:42 ` Pavel Machek
2003-01-26 20:00 ` Pavel Machek
2003-01-26 20:05 ` Lars Marowsky-Bree
2003-01-27 5:42 ` Nuno Silva
2003-01-24 3:32 Kevin Lawton
-- strict thread matches above, loose matches on Subject: below --
2003-01-22 18:23 Kevin Lawton
2003-01-22 19:56 ` Andrew Morton
2003-01-22 20:11 ` Kevin Lawton
2003-01-22 20:17 ` Andrew Morton
2003-01-22 20:35 ` Kai Germaschewski
2003-01-23 18:28 ` Ingo Oeser
2003-01-23 22:26 ` Jamie Lokier
2003-01-24 3:21 ` Kevin Lawton
2003-01-24 15:46 ` Pavel Machek
2003-01-24 16:52 ` Kevin Lawton
2003-01-24 19:01 ` Valdis.Kletnieks
2003-01-24 19:09 ` Kevin Lawton
2003-01-24 20:18 ` Derek Fawcus
2003-01-24 20:56 ` Kevin Lawton
2003-01-24 21:00 ` David Lang
2003-01-24 22:02 ` Kevin Lawton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20030125120038.GL693@vagabond \
--to=bulb@ucw.cz \
--cc=daw@mozart.cs.berkeley.edu \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox