Re[2]: FreeBSD on Xserve?

• Previous message: Igor Shmukler: "Re[4]: FreeBSD on Xserve?"
• In reply to: Morten Liebach: "Re: FreeBSD on Xserve?"
• Next in thread: Nikita Danilov: "Re: FreeBSD on Xserve?"
• Reply: Nikita Danilov: "Re: FreeBSD on Xserve?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: Morten Liebach <m@mongers.org>
Date: Sun, 12 Sep 2004 23:54:32 +0400

> > If original author wants to mature OS with MAC and SMP support SELinux
> > might be a good candidate.
> > However, Linux does not have jails. Only other OS that has them is
> > Solaris 10 which does not run on PPC.
>
> There's something named User Mode Linux which seems to be a little like
> jails. I haven't got the faintest idea how well it works.

I could be wrong, but AFAIK UML is not same thing as jail. AFAIK, UML has a serious performance penalty.
It used to work pretty well for 2.4.x kernels. However, there are associated issues with keeping UML up to date.
I don't think UML ever made it into mainline. Jail is part of kernel.

Personally, I think that if jail was available on Apple hardware it would be a serious argument for using FreeBSD instead of Linux.
IBM boxes support virtualization, but Apple machines don't have that feature. The flip side is that probably most people who buy G5 machines are more concerned about FP performance.

> > I am not sure what kind of stack protection was referred in the
> > original email. OpenBSD has propolis, but I was under impression there
> > is no such option in FreeBSD. I recall that it was decided that
> > security by obscurity will not make it into the kernel.
>
> It's "propolice".

Thank you for correcting me. Indeed I did not spell propolice correctly.

> Maybe http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html
> would be of interest.
>
> There's more than just obscurity to it, but it is obviously better to
> have correct code to begin with, then things like Propolice isn't
> needed...

That's a choice of terminilogy. The word obscurity has no mathematical style definition.
_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"

• Previous message: Igor Shmukler: "Re[4]: FreeBSD on Xserve?"
• In reply to: Morten Liebach: "Re: FreeBSD on Xserve?"
• Next in thread: Nikita Danilov: "Re: FreeBSD on Xserve?"
• Reply: Nikita Danilov: "Re: FreeBSD on Xserve?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: FreeBSD on Xserve? ... but AFAIK UML is not same thing as jail. ... UML (User Mode Linux, user-mode-linux.sf.net) is a port of Linux kernel ... (freebsd-hackers) uml on sarge ... I tried running uml (User Mode Linux) on Sarge but it fails. ... I've install the following packages: ... I get a kernel panic (In UML) saying can't mount the root device. ... (Debian-User) Re[2]: vkernel & GSoC, some questions ... What's vkernel's or modern UML multithreaded performance compared to native? ... Given the fact that there are not as many developers as needed, what would be a practical purpose of vkernel? ... Now that Linux about to have or already has container technology, hosting on UML makes little sense. ... I think it will be good to have similar in FreeBSD. ... (freebsd-hackers) Re: Datamodelling under linux ... I think what we're all looking for is ErWin for Linux under ... > data modelling as in RDBMS modelling:) UML modelling tools ... (Ubuntu) Re: [Devel] Re: [RFC] Virtualization steps ... low-level virtualization uses resource ... With this higher-level stuff, you get to share all of the Linux caching, ... I currently guess Jail is quite practical than Xen. ... If you need multiple VMs, ... (Linux-Kernel)