[nycbug-talk] PostgreSQL on BSD (fwd)

Hubert Feyrer hubert
Tue Oct 11 12:36:39 EDT 2005


On Tue, 11 Oct 2005, Isaac Levy wrote:
> If you mean it runs in a securely confined space via Xen/NetBSD, I'd love to 
> hear more explination-

Well, why do you put it in jail/chroot? :)

Xen gives you the possibility to run several seperate machine instances 
("domains") on one machine, and if one gets hax0red, the other one's not 
affected. There's a special "domain 0" which is the first one and used to 
control all others - it should be kept esp. secure, I know people that only 
give it local/console access, no network at all - even their firewalls run 
inside different domain then, applications too.

More:
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
http://www.netbsd.org/Ports/xen/

There's also a working port of FreeBSD to Xen, FWIW; to play & see it working, 
check out their Live CD, which has Linux, FreeBSD and NetBSD on it: 
http://www.feyrer.de/NetBSD/oldblog001.html#20050421_0041


  - Hubert




More information about the talk mailing list