| 1 |
* Bill Longman <bill.longman@×××××.com> wrote: |
| 2 |
|
| 3 |
> Basically just run VMWare/Virtualbox etc and put the services in there. |
| 4 |
|
| 5 |
well, these solutions are way "bigger" (iow: more resource |
| 6 |
intensive), since they run a complete operation system instance |
| 7 |
within the virtual machine. |
| 8 |
|
| 9 |
> No, chroots are NOT the same. They run on the same system. |
| 10 |
|
| 11 |
well, chroots have not much to do with containers (even contains |
| 12 |
could be said to include chroot as a building block) - they just |
| 13 |
run certain processes with a different root directory (iow: these |
| 14 |
processes see just see a subdirectory as it would be the whole |
| 15 |
filesystem). that's nice for testing porposes or to isolate |
| 16 |
different kind of isolate programs/libraries (eg. use different |
| 17 |
libc's, ABIs or calling conventions, 32bit subsystems on an |
| 18 |
native 64bit host, etc, etc), but don't really add security. |
| 19 |
|
| 20 |
|
| 21 |
cu |
| 22 |
-- |
| 23 |
---------------------------------------------------------------------- |
| 24 |
Enrico Weigelt, metux IT service -- http://www.metux.de/ |
| 25 |
|
| 26 |
phone: +49 36207 519931 email: weigelt@×××××.de |
| 27 |
mobile: +49 151 27565287 icq: 210169427 skype: nekrad666 |
| 28 |
---------------------------------------------------------------------- |
| 29 |
Embedded-Linux / Portierung / Opensource-QM / Verteilte Systeme |
| 30 |
---------------------------------------------------------------------- |
Archives