General TC > Tiny Core on Virtual Machines

Virtualization or chroot more secure?

<< < (3/5) > >>

tinypoodle:
While this thread got split off from a different thread, a significant aspect of the basic questions changed.

Originally the issue was specifically about vmware being used as part of a security environment, while this by now has become virtualization in general.

With examining "vmware versus chroot for security puprposes", the most fundamental comparison for me would be "closed source proprietary software versus free open source software for a secure environment."

Inherently to the matter, closed source proprietary software could never be recommended as being proven to be highly secure (in pure opposite to any open source code which is up to review [and possible patching]), so using such for security purposes would depend on blind trust of a user.

Of course there are free open source virtualization solutions available where there would be no such security aspect involved.

Ulysses_:
It does look like setting up chroot correctly is anything but trivial for large applications like opera.  For vmware even I can write a "howto", here it is:

1. Download and install vmware player
2. Create a new VM accepting all default settings for ubuntu
3. Download ubuntu .iso
4. Change the VM's CD to the ubuntu .iso using the player menu
5. Change the VM's networking to Bridged using the player menu
6. Set comodo or whatever host firewall to Block All
7. Boot the VM and use firefox, or use synaptic to install opera

And this gives all the protection of a chroot done by an expert.  At the expense of some memory.

tinypoodle:

--- Quote from: Ulysses_ on April 14, 2011, 08:29:36 AM ---And this gives all the protection of a chroot done by an expert.  At the expense of some memory.

--- End quote ---

... and CPU cycles

Ulysses_:

--- Quote from: tinypoodle on April 14, 2011, 09:17:56 AM ---... and CPU cycles
--- End quote ---

Unless you have a cpu that is virtualization-ready, which most of today's cpu's are.

danielibarnes:
With the open-vm-tools-x extension I recently submitted, you can use Unity to give a more integrated look and use shared folders to store bookmarks and other permanent data.

Regarding step 5, why select Bridged then modify host firewall (if exists) instead of using NAT?

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version