[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor + SELinux sandbox = leak proof without VM overhead?

On Sat, Aug 28, 2010 at 3:25 PM, intrigeri <intrigeri@xxxxxxxx> wrote:
> Please don't misunderstand me. I'm not a fan of VM-based solutions and
> pretty much prefer the bare-metal + Live OS approach, but I feel we
> need to consider their pros and cons in a more detailed way than
> discarding them on the assumption that their cost must be too high
> else we would push for their usage much more than we do.

one last note, these are all complementary techniques. the SELinux
effort early on was applied to VMWare virtual machine rules per
instance on virtual disks and across network devices. improving the
usability of such a configuration by deploying via livecd images
supporting a wide range of hardware would also be a clear improvement
for many users.
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/