[DGD] Virtualization, in the Xen or VMware sense.

Shentino shentino at gmail.com
Thu Aug 28 10:14:19 CEST 2008


Filenames were already on the "todo list" of things to be
"translated" ;).  I was going to use the real Klib's own security
mechanisms on home dirs to protect them from inappropriately accessing
each other's files.

Basically, a VM called "foobar" would have all of its files in
/home/foobar, and all objects would be owned by "foobar" as far as the
real Klib, used by the VMM, is concerned.

Secondly, object based security would be handled similarly, simply
treating any "VM-ese" filename as a real filename with the VM specific
prefix of /home/<vm name>.

Anything "returning" a filename would be translated from the real
filename to a stripped version meant for VM visibility.  If the prefix
doesn't match, then zomg, there's been a leakage.

What could be tricky is converting the Klib into a VMM friendly
version.  Either the real klib needs to be amended, or the version exposed
to the VMs needs to be amended.  There's nomask functions in the Klib...



Anyway, thanks for mentioning filenames.  It is, if nothing else,
emphasis on something I already thought of.  Are there any other
catches I need to be aware of apart from blocking driver-wide effects
(shutdown, statedump, etc)?
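
Added example, not part of the original post and not DGD or Klib code: a Python sketch of the two translations the message describes, mapping a VM-visible filename onto /home/<vm name> and stripping that prefix again on the way back, with a non-matching prefix treated as a leak. The function names, the PathLeak exception and the sample paths are assumptions made for illustration.

```python
import posixpath

HOME = "/home"  # from the post: each VM's files live under /home/<vm name>


class PathLeak(Exception):
    """A real filename outside the VM's own directory reached the VM boundary."""


def vm_root(vm):
    # Assumption: a VM name is a single path component, so the name itself
    # cannot be used to point the prefix at another directory.
    if not vm or "/" in vm or vm in (".", ".."):
        raise ValueError("bad VM name: %r" % (vm,))
    return HOME + "/" + vm


def to_real(vm, vm_path):
    """Translate a filename as the VM sees it into the real filename."""
    # Resolve "." and ".." against the VM's own "/" *before* adding the
    # prefix, so "../.." can never climb out of /home/<vm name>.
    inner = posixpath.normpath("/" + vm_path.lstrip("/"))
    root = vm_root(vm)
    return root if inner == "/" else root + inner


def to_vm(vm, real_path):
    """Strip the VM prefix from a real filename before the VM sees it."""
    root = vm_root(vm)
    real = posixpath.normpath(real_path)
    if real == root:
        return "/"
    # Compare against root + "/" so /home/foobarbaz is not mistaken for a
    # file inside /home/foobar.
    if real.startswith(root + "/"):
        return real[len(root):]
    raise PathLeak("%r is not under %s" % (real_path, root))


def leaks(vm, real_path):
    """True when returning real_path to the VM would expose a foreign file."""
    try:
        to_vm(vm, real_path)
        return False
    except PathLeak:
        return True
```

The prefix comparison is the part that is easy to get wrong: a plain string-prefix test would accept /home/foobarbaz/... as belonging to the VM "foobar".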


