* [9fans] Per Application Name Space
@ 2009-12-01 17:13 Jun OKAJIMA
2009-12-02 3:18 ` Sam Watkins
0 siblings, 1 reply; 4+ messages in thread
From: Jun OKAJIMA @ 2009-12-01 17:13 UTC (permalink / raw)
To: 9fans
Hello 9Fans readers.
First, please try my "Secure Click".
http://www.secureclick.jp/
Secure Click is a new secure application
executing environment.
Secure Click can run *any* distribution *safely* under jail.
Anyway, try it out first.
The core of Secure Click consists of two parts:
1. Jail. OpenVZ and LXC is supported for now.
2. Per Application Name Space.
Secure Click runs apps by "One App in One Jail" basis.
So, each app is isolated from both other apps and host OS.
And, each jail has own file tree, synthesized by "tagfs".
"tagfs" synthesizes file tree which is very same for
each distribution.
I mean, for example, when you run debian app in jail,
tagfs creates debian file tree, which is very same for
real debian. If you run Fedora app, tagfs creates
Fedora tree.
So, you can run any distribution under jail.
In the other aspect of view, each app has each name space
which is derived from each distribution.
I think this is a kind of "Per *Application* Name Space".
And this is similar to Plan9 "Per User" name space concept,
so this is the reason I want to hear opinions from Plan9
experts like you.
Any impression is very welcome.
By the way, anybody knows where to discuss
*general* technological aspect of linux distribution?
There are many MLs for each distribution,
but no general one.
--- Okajima, Jun. Tokyo, Japan.
http://www.digitalinfra.co.jp/
http://www.secureclick.jp/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] Per Application Name Space
2009-12-01 17:13 [9fans] Per Application Name Space Jun OKAJIMA
@ 2009-12-02 3:18 ` Sam Watkins
2009-12-05 4:06 ` Jun OKAJIMA
0 siblings, 1 reply; 4+ messages in thread
From: Sam Watkins @ 2009-12-02 3:18 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
hi Jun,
It looks interesting. Is there a windoze version under development? I suppose
there are suitable VM systems that run on windoze. Of course your potential
user-base grows if you support windoze! The VM could still run Debian or some
other OS of course.
Your page says it's safe to run an application even if it has viruses, but I
think that is not right. A virus with network access may start sending spam
email, committing cyber-crime (DDOS for example) or attacking the host computer
or other hosts on your LAN. Your virtualization may protect your computer
somewhat, but it's still not safe to run an application with viruses. It would
be more safe if networking is disabled for the VM.
I don't know of a forum for discussing custom distributions in general. I also
need such a forum, as I need to make a custom distro myself in the next few
weeks.
Sam
On Wed, Dec 02, 2009 at 02:13:17AM +0900, Jun OKAJIMA wrote:
> First, please try my "Secure Click".
> http://www.secureclick.jp/
>
> Secure Click is a new secure application executing environment. Secure Click
> can run *any* distribution *safely* under jail.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] Per Application Name Space
2009-12-02 3:18 ` Sam Watkins
@ 2009-12-05 4:06 ` Jun OKAJIMA
2009-12-05 4:21 ` Sam Watkins
0 siblings, 1 reply; 4+ messages in thread
From: Jun OKAJIMA @ 2009-12-05 4:06 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Wed, Dec 2, 2009 at 12:18 PM, Sam Watkins <sam@nipl.net> wrote:
> hi Jun,
>
> It looks interesting. Is there a windoze version under development? ꀀI suppose
> there are suitable VM systems that run on windoze. ꀀOf course your potential
> user-base grows if you support windoze! ꀀThe VM could still run Debian or some
> other OS of course.
>
Currently not.
But maybe in the future?
> Your page says it's safe to run an application even if it has viruses, but I
> think that is not right. ꀀA virus with network access may start sending spam
> email, committing cyber-crime (DDOS for example) or attacking the host computer
> or other hosts on your LAN. ꀀYour virtualization may protect your computer
> somewhat, but it's still not safe to run an application with viruses. It would
> be more safe if networking is disabled for the VM.
>
You are right. Network limitation will be added
in the future version.
For example,
you have to go through a proxy with security filtering or...
--- Okajima, Jun. Tokyo, Japan.
http://www.digitalinfra.co.jp/
http://www.secureclick.jp/
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] Per Application Name Space
2009-12-05 4:06 ` Jun OKAJIMA
@ 2009-12-05 4:21 ` Sam Watkins
0 siblings, 0 replies; 4+ messages in thread
From: Sam Watkins @ 2009-12-05 4:21 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
On Sat, Dec 05, 2009 at 01:06:49PM +0900, Jun OKAJIMA wrote:
> Currently not.
> But maybe in the future?
If you want to do that (make it run on windows) you might like to look at
pendrivelinux.com which has various examples of firing up VMs to run linux from
a usb device under windows, the techniques / scripts would presumably also work
for other guest OSes.
> Network limitation will be added in the future version. For example, you
> have to go through a proxy with security filtering or...
great :) I like your project.
Sam
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2009-12-05 4:21 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-12-01 17:13 [9fans] Per Application Name Space Jun OKAJIMA
2009-12-02 3:18 ` Sam Watkins
2009-12-05 4:06 ` Jun OKAJIMA
2009-12-05 4:21 ` Sam Watkins
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).