Date: Mon, 18 Nov 1996 20:19:48 -0800
From: Cy Schubert <cy@cwsys.cwent.com>
To: "az.com" <yankee@lucy.az.com>
Cc: freebsd-security@freebsd.org
Subject: Re: grand alternatives to chroot, solution to the age-old root problem
Message-ID: <199611190419.UAA01555@cwsys.cwent.com>
In-Reply-To: Your message of "Sun, 17 Nov 1996 13:56:56 PST." <Pine.BSF.3.91.961117133249.19647K-100000@lucy.az.com>

>
> Has anyone considered enabling 'virtual-machines' on UNIX? Why not
> dedicate a physical machine to this purpose and firewall it off from the
> rest by making each virtual machine to appear to be gateway'd via a
> point-point connection to the main subnet. Each user telnets into a unix
> logical "machine" with a distinct IP address of their own. The 'mother'
> kernel above provides a socket to the IP world disallowing sniffing and
> also provides a bandwidth usage auditor and choke. (It looks like a
> completely separate box with its own init, etc.) Each user gets complete
> control in their own machine with access to their web server, programs,
> etc.
>
> No longer do you have to worry about whether they have root or not - in
> fact each user gets to be root! (in their own machine, of course ;) ) If
> they want to hack, get fancy, reboot, etc. - it's up to them - it's *their*
> system, not yours.
>
> If they blow out the virtual OS space because they gave their password out
> to a grommet or made a mistake, you simply run a utility which checks and
> repairs virtual file system's partitions and refreshes the virtual
> 'environment's' OS from a template.

What you describe here is VM. IBM has been marketing this for its mainframes for about 25 years. You can IPL (boot) CMS, MVS, VSE, AIX [UNIX], UTS [also UNIX], MTS, or another VM operating system (technically VM is a control program [CP], not an operating system) in a virtual machine. Everything is virtualized, from memory, to SMP, to disks (called minidisks). Because of this virtualization of hardware there is a price to pay in performance and the amount of hardware required to support the environment. (IBM has implemented PR/SM, VM in microcode, and it is felt that IBM will be replacing VM with PR/SM at some future date).

In theory, building such a beast would not require the modification of any operating system you wish to run under the control of the CP, except to improve overall system performance, e.g. tell the CP dispatcher of certain events within the virtual machine to help it decide whether to give cycles to another virtual machine. Since all devices are virtualized, you could limit what each virtual machine would have access to, e.g. a vm may have put its virtual ethernet interface into a promiscuous mode where in fact the CP will not allow any sniffing.

Having worked in such an environment in a past life as an MVS systems programmer, this environment is a handy tool to have, however, in today's age of cheap hardware you may be better off with a number of FreeBSD boxes connected to an etherswitch.

Regards,                       Phone: (604)389-3827
Cy Schubert                    OV/VM: BCSC02(CSCHUBER)
Open Systems Support           BITNET: CSCHUBER@BCSC02.BITNET
ITSD                           Internet: cschuber@uumail.gov.bc.ca
                                         cschuber@bcsc02.gov.bc.ca

"Quit spooling around, JES do it."