[20060729] sysjail: a userland virtualisation system using systrace
Found via the #NetBSD community blog, I'm blogging this so I'll find it later when I'm looking for it in my tag list:

``sysjail is a userland virtualisation system for operating systems supporting the systrace library. It runs on OpenBSD and NetBSD. The first generation of sysjail is as close to a drop-in replacement for FreeBSD's jail subsystem as permitted. As with a jail, processes within a sysjail are disallowed resources belonging to the system proper, known as the "host" system, or other sysjail instances. While sysjail currently behaves as an OpenBSD implementation of jail, it has the potential to provide significant auditing, profiling and debugging tools allowing full auditing of intercepted system calls, run-time modification and extension of policies, etc. The sysjail sources are released mainly under the BSD 3-part license (see sources).''

See the sysjail homepage for more. If anyone tries this and has some experiences to share, please send mail to some NetBSD list (and CC: me :).

