DragonFly commits List (threaded) for 2005-02
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: cvs commit: src/sys/kern kern_proc.c

From:	David Cuthbert <dacut@xxxxxxxxx>
Date:	Tue, 01 Feb 2005 21:44:31 -0500

Matthew Dillon wrote:

I think the idea has merit, it just isn't being taken far enough. What we really want here is a 'virtual machine'. The current jail subsystem is still sharing the same kernel resources, data space, and code, and thus could still panic the entire system and could still create cross-jail security issues.

I'm not comfortable with the idea of substituting VMs for jails. While they're not entirely orthogonal (a VM could be viewed as a jail with more separation), I have distinct uses for jails and VMs.

Not so sure that a VM would help with panics. I think you'll just end up swapping one set of panic-causing bugs for another.

Dave

Follow-Ups:
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: Matthew Dillon

References:
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: David Rhodus
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: Joerg Sonnenberger
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: Paul Herman
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: Joerg Sonnenberger
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: David Cuthbert
- Re: cvs commit: src/sys/kern kern_proc.c
  - From: Matthew Dillon

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]