Linked by Thom Holwerda on Fri 12th Jan 2007 00:36 UTC
"User Mode Linux allows you to run Linux kernels as user mode processes under a host Linux kernel, giving you a simple way to run several independent virtual machines on a single piece of physical hardware. Let's take a look at UML and how it can give you more bang for the hardware buck, or make it easier to debug the kernel."
Permalink for comment 201139
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2007-01-12
I had the same idea. Step one is to build a minimal rootfs/chroot environment. A lot of that is done with symlinks into the outside filesystem, for example /usr/bin, so it will not "waste a lot of disk space". Also, you don't need as many libraries, applications, etc. to run selected applications like Firefox.
One also has to symlink some X11 Unix domain sockets (located in /tmp) into your chroot environment so that X applications can be launched. One may have to allow connections to the X server from the chroot environment, which may seem to be a "external machine" (xhost +127.0.0.1).
What UML adds over and above the chroot protection is the ability to capture an attempt to remount, for example, /dev/hda1 in order to break out of the chroot jail. So, the chroot environment built in step 1 is the input to step 2 where you run the same rootfs in UML. I ran Firefox, Opera, etc. in a chroot so I feel like with this could be done with a few hours of learning UML configuration.
You are correct that the security of $HOME is a neglected topic; sometimes attacks are launched to get the information in $HOME and not to try to "own" the box. This does go against the dogma that no one cares what happens to a users directory/information on a *NIX box.