Virtualization and Linux--A Primer (Part 2) - page 4
Don't laugh, these still have a place in your sandboxing schemes. Every Linux (and BSD and Unix) have chroots (change root) built-in, just waiting to be put to work. Chroots isolate applications from the root filesystem and from each other, so you can do dangerous things without endangering the whole system. Like run several Internet-facing servers on the same box, or test and develop software. BIND, Apache, and Postfix are examples of servers that are commonly run in chroot jails for added security, even when they're not sharing the box with other services.
Chroots are also used to run 32-bit applications on 64-bit systems when 64-bit versions don't exist. The most famous example is the Flash browser plugin, and various other closed-source plugins and multimedia codecs.
Chroots are not perfect protection, and it seems there is always one more important file that you forgot to put inside the jail. But there is no performance hit like there is with User-Mode Linux, and they're easy to set up. They're great for smaller networks where you have just a few servers to ride herd on, and don't feel like getting sucked into the virtualization vortex.
Solid state disks (SSDs) made a splash in consumer technology, and now the technology has its eyes on the enterprise storage market. Download this eBook to see what SSDs can do for your infrastructure and review the pros and cons of this potentially game-changing storage technology.
- 1Linux Top 3: RHEL 6.7, BackBox Linux 4.3 and RoboLinux 8.1
- 2Linux Top 3: SLES 11 SP4, Chromixium OS 1.5 and Canonical Licensing
- 3Linux Top 3: VirtualBox 5, Point Linux 3.0 and OpenSUSE Leap 42.x
- 4Linux Top 3: Linux 4.2 rc1, 4MLinux 13 and antiX15
- 5Linux Top 3: Linux Mint Rafaela, OpenMandriva Lx 2014.2 and VectorLinux 7.1