Re: Mac OS X Jails
Re: Mac OS X Jails
- Subject: Re: Mac OS X Jails
- From: Terry Lambert <email@hidden>
- Date: Thu, 30 Jul 2009 11:45:54 -0700
On Jul 30, 2009, at 8:33 AM, email@hidden wrote:
Is it possible to create Jails in Mac OS X like in FreeBSD or
Solaris Zones?
I haven't found any information on this.
The answer is no.
OS level virtualization requires a multiplication of already
constrained resources and internal interposition of all calls across
protection domain boundaries which deal with potentially conflicting
resource namespaces: authentication tokens, security identifiers,
network interfaces, IPC identifiers, file system namespaces, devices,
etc.. This partitioning is a basic tenet of the jails/zones security
models.
Given your description of your problem space, you don't need
partitioning of additional resource namespaces for security reasons,
so you could simply use chroot instead and handle it as a filesystem/
security identifier namespace issue.
However, since your stated goal is simply multiple development
environments, you probably don't even need that; even chroot is
probably overkill, since all you need to control is really only your
command and object paths, and you can pretty much do that with
environment variables.
-- Terry
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden