Re: Operating system-level virtualization: how to make it?

[Victor Padro <vpadro@gmail.com>]

On Tue, May 26, 2009 at 1:08 PM, Boyd Stephen Smith Jr. <bss@iguanasuicide.net> wrote:

In <[🔎] 4a1c2c45.1c05d00a.3255.5414@mx.google.com">[🔎] 4a1c2c45.1c05d00a.3255.5414@mx.google.com>, Sthu Deus wrote:
>Thank You for Your time and answer, Sylvain:
>> Use a chroot (standard) or a vserver (search for vserver in debian
>
>AFAIK, it is not safe to use chroot - for an evil doer can logout from
>chroot once it detects it.

Escaping a good chroot is difficult as a non-root user.  However, I'm not
sure it is worth worrying about.  There have been exploits to escape UML,
VServer, Xen, KVM, and KQemu, too.

Of course, chroot isn't really virtualization in the modern sense.  Xen,
KVM, or VServer are.  I don't like VServer personally.  Xen has backing from
Novell and KVM has backing from RedHat, so I'd choose one of those and go
googling for a HOWTO.
--
Boyd Stephen Smith Jr.                   ,= ,-_-. =.
bss@iguanasuicide.net                   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy         `-'(. .)`-'
http://iguanasuicide.net/                    \_/

OpenVZ is the best alternative for operating system level virtualization, like Boyd I don't like VServer either.

BTW Boyd, Xen is backed up by Citrix, not Novell.  ;-)

KVM and Xen are hardware virtualization technologies.


-- 
"It is human nature to think wisely and act in an absurd fashion."

"Todo el desorden del mundo proviene de las profesiones mal o mediocremente servidas"