Tor + SELinux sandbox = leak proof without VM overhead?
coderman
coderman at gmail.com
Sun Aug 29 22:23:45 UTC 2010
On Sat, Aug 28, 2010 at 3:25 PM, intrigeri <intrigeri at boum.org> wrote:
>...
> Please don't misunderstand me. I'm not a fan of VM-based solutions and
> pretty much prefer the bare-metal + Live OS approach, but I feel we
> need to consider their pros and cons in a more detailed way than
> discarding them on the assumption that their cost must be too high
> else we would push for their usage much more than we do.
one last note, these are all complementary techniques. the SELinux
effort early on was applied to VMWare virtual machine rules per
instance on virtual disks and across network devices. improving the
usability of such a configuration by deploying via livecd images
supporting a wide range of hardware would also be a clear improvement
for many users.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list