[nycbug-talk] PostgreSQL on BSD (fwd)
Hubert Feyrer
hubert
Tue Oct 11 12:36:39 EDT 2005
On Tue, 11 Oct 2005, Isaac Levy wrote:
> If you mean it runs in a securely confined space via Xen/NetBSD, I'd love to
> hear more explination-
Well, why do you put it in jail/chroot? :)
Xen gives you the possibility to run several seperate machine instances
("domains") on one machine, and if one gets hax0red, the other one's not
affected. There's a special "domain 0" which is the first one and used to
control all others - it should be kept esp. secure, I know people that only
give it local/console access, no network at all - even their firewalls run
inside different domain then, applications too.
More:
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
http://www.netbsd.org/Ports/xen/
There's also a working port of FreeBSD to Xen, FWIW; to play & see it working,
check out their Live CD, which has Linux, FreeBSD and NetBSD on it:
http://www.feyrer.de/NetBSD/oldblog001.html#20050421_0041
- Hubert
More information about the talk
mailing list