Firewall Wizards mailing list archives

Re: VM system for firewall use

From: ArkanoiD <ark () eltex net>
Date: Tue, 12 Oct 2004 14:15:36 +0400

nuqneH,

Do you think Xen/TrustedBSD combo is viable solution or there is no good
reason to build such a monster?

On Mon, Oct 11, 2004 at 04:31:41PM -0400, Paul D. Robertson wrote:


RSBAC, SE Linux, or TrustedBSD if it's far enough along.  MAC compartments
are really nice for things like this, but jails aren't all that bad, the
jail should result in a different process address space if you're using a
different ID, shouldn't it- unless you're worried about the same kernel
address space-  if so, UML has to be run on a kernel with SKAS enabled to
negate that.


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

VM system for firewall use ArkanoiD (Oct 11)
- Re: VM system for firewall use Bennett Todd (Oct 11)
- Re: VM system for firewall use John Babwell (Oct 11)
- Re: VM system for firewall use Paul D. Robertson (Oct 11)
  - Re: VM system for firewall use ArkanoiD (Oct 12)
    - Re: VM system for firewall use Paul D. Robertson (Oct 12)
    - Re: VM system for firewall use ArkanoiD (Oct 12)
    - Re: VM system for firewall use Paul D. Robertson (Oct 12)
    - Message not available
    - Message not available
    - Re: VM system for firewall use ArkanoiD (Oct 12)
    - Re: VM system for firewall use Paul D. Robertson (Oct 12)
    - Re: VM system for firewall use Christopher Hicks (Oct 12)
    - Re: VM system for firewall use Christopher Hicks (Oct 12)
    - Re: VM system for firewall use Paul D. Robertson (Oct 12)
    - Re: VM system for firewall use Marcus J. Ranum (Oct 12)
    - Re: VM system for firewall use Bennett Todd (Oct 12)

(Thread continues...)