Virtualization and Linux--A Primer (Part 2) - page 4
Don't laugh, these still have a place in your sandboxing schemes. Every Linux (and BSD and Unix) have chroots (change root) built-in, just waiting to be put to work. Chroots isolate applications from the root filesystem and from each other, so you can do dangerous things without endangering the whole system. Like run several Internet-facing servers on the same box, or test and develop software. BIND, Apache, and Postfix are examples of servers that are commonly run in chroot jails for added security, even when they're not sharing the box with other services.
Chroots are also used to run 32-bit applications on 64-bit systems when 64-bit versions don't exist. The most famous example is the Flash browser plugin, and various other closed-source plugins and multimedia codecs.
Chroots are not perfect protection, and it seems there is always one more important file that you forgot to put inside the jail. But there is no performance hit like there is with User-Mode Linux, and they're easy to set up. They're great for smaller networks where you have just a few servers to ride herd on, and don't feel like getting sucked into the virtualization vortex.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: GNOME 3.12 and New Betas for Ubuntu 14.04 and OpenMandriva Lx 2014.0
- 2Linux Top 3: Linus Lashes out, Linux 3.14 Gets PIE and Ubuntu One is Done.
- 3Linux Top 3: Ubuntu 14.04, Debian Gives Squeeze More Life and Red Hat Goes Atomic
- 4Linux Top 3: Linux 3.11, Kubuntu Goes Commercial
- 5Linux Top 3: RHEL 6.5, Debian 7.2 and EOL for Linux 3.0.x