Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
From: 7v5w7go9ub0o <7v5w7go9ub0o@...>
Subject: Re: Mini Gentoo in VMWare
Date: Fri, 03 Nov 2006 12:04:33 -0500
>> Basically what I want to do is create a series of VERY tiny VMs that
>> are all independent of each other, which provide one service.  For
>> instance, I might put apache on one VM, and tomcat on another, and so
>> on.  Obviously, I would want their memory usage to be absolutely
>> minimized, seeing that I would like to run them all on one computer.
>> I would probably provide them 64M-128M of RAM each, for their specific
>> service.  Perhaps a little more if really required.

Lots of interest in VMs lately - Is this to increase security (isolating  
servers and components in case one is compromised)? Or perhaps you are  
isolating components for the purpose of evaluating them?

<snip>

> Nick[1] made a post about minimizing Gentoo a while back.
> But that topic was mainly about the disk usage.
> I suppose you would benefit from a system that uses the -Os flag to

<snip>

> But do you think vmware is fit for such a task?
> vmware is a big strain on resources itself.
> You might want to have a look at xen[2] instead.
>
> [1] http://thread.gmane.org/gmane.linux.gentoo.user/160899/focus=160903
> [2] http://www.xensource.com/xen/xen/index.html

Presuming that one is seeking greater security, how does xen compare with  
vmware in that regard?

Would a server in a VM actually be more secure than a server in a  
"hardened" chroot jail?

(though I'd guess that a hardened system would be the best basis for a  
server, VM or chroot; and the logical placement of a VM would be within a  
chroot jail?).

TIA


-- 
gentoo-security@g.o mailing list


Replies:
Re: Re: Mini Gentoo in VMWare
-- Kevin van Haaren
Re: Re: Mini Gentoo in VMWare
-- Brian G. Peterson
Re: Re: Mini Gentoo in VMWare
-- Antoine Martin
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Digest of gentoo-security@g.o issue 54 (722-723)
Next by thread:
Re: Re: Mini Gentoo in VMWare
Previous by date:
Re: ArpStar
Next by date:
Re: Re: Mini Gentoo in VMWare


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.