Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: Antoine Martin <antoine@...>
Subject: Re: Re: Mini Gentoo in VMWare
Date: Fri, 03 Nov 2006 17:20:01 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> <snip>
> 
>> Nick[1] made a post about minimizing Gentoo a while back.
>> But that topic was mainly about the disk usage.
>> I suppose you would benefit from a system that uses the -Os flag to
Another useful approach is to use a custom disk image with just busybox
+ the software to run/test.

> Would a server in a VM actually be more secure than a server in a
> "hardened" chroot jail?
IMO yes, but since you can have both...

> (though I'd guess that a hardened system would be the best basis for a
> server, VM or chroot; and the logical placement of a VM would be within
> a chroot jail?).
A properly configured VM running in a hardened chroot is going to be
(almost) impossible to escape.

Note you can also contain your VMs with SELinux (both inside and out).
I've posted some pages on how to do this with UML here:
http://uml.nagafix.co.uk/SELinux/

Antoine
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFS3pBrTBrLRG7eDcRAhCcAKCD/WOug/w7B+GN8TsmABB5UQA0LQCeOG04
MEZwfrAf9Ie/1WXWsU5gfeg=
=VVh9
-----END PGP SIGNATURE-----
-- 
gentoo-security@g.o mailing list


Replies:
Re: Re: [gentoo-security] Re: Mini Gentoo in VMWare
-- Javi Moreno
References:
Re: Mini Gentoo in VMWare
-- 7v5w7go9ub0o
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Mini Gentoo in VMWare
Next by thread:
Re: Re: [gentoo-security] Re: Mini Gentoo in VMWare
Previous by date:
Re: Mini Gentoo in VMWare
Next by date:
Re: Re: [gentoo-security] Re: Mini Gentoo in VMWare


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.