>A model I'd prefer would be to have a gateway OS housing multiple VMs. A vm... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		unimpressive on April 2, 2012 \| parent \| context \| favorite \| on: CAP_SYS_ADMIN: the new root >A model I'd prefer would be to have a gateway OS housing multiple VMs. A vm would have full rwx access to a mount point on a filesystem. Any user within the vm would have full permissions. The system would log into the gateway system. If you had particular security needs, you'd implement them at an application level. This sounds...sort of familiar... (http://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs) Sadly; *nix was just good enough.

luriel on April 2, 2012 | [–]

Of particular interest is the paper on Plan 9's security model:

http://doc.cat-v.org/plan_9/4th_edition/papers/auth

zobzu on April 2, 2012 | [–]

Can only agree. Singularity has also a similar model

I think we'll eventually move to that but it could take decades.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact