On Thu, Nov 21, 2013 at 9:12 AM, Alexandre Biancalana <[email protected]> wrote: > > On Thu, Nov 21, 2013 at 12:48 AM, Eitan Adler <[email protected]> wrote: >> >> On Wed, Nov 20, 2013 at 12:55 PM, Bruno Lauzé <[email protected]> wrote: >> > >> > Using jails, customers are uncomfortable with the fact documents can be >> > accessed from the host with root access.Project VPS seems to isolate more >> > the guest from the host but not as well as an hypervisor like bhyve. With >> > an >> > hypervisor what the client have is private, as long as the host can manage >> > the disk, delete it, but the information is kept private from the host. >> > Any suggestions how to offer jail, vps, or anything containers >> > techniques with total file system isolation from the host, or the only way >> > is to go hypervisor, with the performance and instances count penalty that >> > goes with it? >> >> Untrusted hypervisors is an active area of academic research. >> However, any such scheme requires additional hardware support. >> >> If you are interested I can give you some papers to look at. > > > I'm interested, can you provide the links of the papers ?
I've replied in private mail. -- Eitan Adler _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to "[email protected]"
