From: Jeff D. <jd...@ka...> - 2002-01-31 01:23:35
|
si...@op... said: > Do you reckon it's secure and stable enough to do something like a > very secure sandboxed virtual server. Secure - you want to use UML 2.4.17-9 or later because that's what implements the security that UML had previously been missing. You also might want to read the slides (and notes) for the talk I gave about this at Dartmouth yesterday (http://user-mode-linux.sourceforge.net/slides/ists2002/umlsec.htm - the Star Office presentation is there as well if anyone is interested in giving variants of it). Note that there is a bit of work on the host needed to make UML totally secure against breakout - this is described in the talk above. And, of course, it can't be considered really secure until people who know how to break in and out of things have tried to break out of UML and failed, which they haven't yet. Stable - This depends on the app, and I'm not really qualified to comment on whether it's stable enough because I only write it, I don't actually use it for much :-) However, that won't stop me from commenting anyway... Below, stable == "people are willing to use UML for real work" Development - UML is stable and has been for quite a while kernel development - I've heard from enough Linux kernel developers in enough random ways that I think that a fair amount of kernel work is being done inside UML small distributions/tools - projects like busybox, trinux, and other bootable business cards/small distributions and tools are making heavy use of UML network - UML is part of the FreeS/WAN test harness, and I've heard from a number of people who are doing this sort of network development using UML virtual networks. embedded systems - Red Hat is apparently shipping UML as part of their embedded systems development kit. Also, if you look closely at these lists, a fair number of posts have a decidedly embedded systems slant to them. This leads me to believe that there's a large amount of embedded systems development happening in UML that no one is talking about. Sandboxes, jails, honeypots - UML is probably stable Most activity I know about is with honeypots. I know of one project that's planning to deploy UML as a honeypot fairly soon. The honeynet.org project is making similar plans, but I don't know what timeframe they're thinking about. These are going to be dealing with some fairly nasty characters, so security is a priority. Stability is less so because logging and monitoring will be done on the host, and you don't really care if the nasty characters lose any "work". Hosting, virtual colocation - probably not yet, but probably soon I don't know of any actual production deployments yet, although I've heard of a number of outfits considering it. There are also some bugs that I would want to fix before doing this myself, notably the pthreads bug (which I figured out yesterday and think I know how to fix). I'd be interested in hearing about who's considering using UML for real stuff, and what the decision turns out to be. Of course, "yes" is the preferred decision, but I'd like to know about the "no"s (plus reasons) as well. That'll tell me what needs working on. Also, if these are public, I would expect, over time, a public record of "no"s for an application of UML turning into "yes"s, which would give other people thinking about the same thing some level of comfort about going ahead. Jeff |