|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [MirageOS-devel] MirageOS AppVMs on Qubes
On 23 Nov 2015, at 11:15, Thomas Leonard <talex5@xxxxxxxxx> wrote: > > QubesOS is a security-focused desktop OS that runs multiple isolated > VMs under Xen. Typically, these run Linux. For example, I use a Fedora > VM for email and a Debian VM for development. > > There is discussion on the qubes mailing list at the moment about > using unikernel VMs: > > https://groups.google.com/forum/#!topic/qubes-users/h03-1hiNMCc > > I've written a simple test unikernel [1] that supports Qubes' qrexec > protocol. This allows other domains to send command requests to the > VM. If approved by the dom0 policy, a two-way channel (stdin/stdout) > is established between the requesting VM and the unikernel. qrexec is > built on top of vchan, which was easy to support thanks to David > Scott's ocaml-vchan library. > > I've also written a tool [2] to let you upload unikernels built in an > AppVM to dom0 and run them easily. A newbie question -- is there a decent PC ultrabook that anyone can recommend to start running Qubes with working power management? I've heard good things about Dell XPSes... Also, I just ran across this nicely privilege separated TLS daemon: https://www.opsmate.com/titus/ This seems like a good direction for TLStunnel to go in as well -- explicit fine-grained process/VM separation for even the private keys. Running this in Qubes would be interesting... -Anil _______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |