So I know this guy who is in a UML cooperative. UML COOP, if you will.
About 20 folks got together and pitched in to buy a pretty bitchin'
box. They are spliting the monthly charges for hosting, connection,
environmentals, and such. Each COOP member gets root to one UML kernel.
He is concerned about security and is wondering what he can do to
improve security beyond what is being done for the main, physical box
and NIC. The hosting service provides a firewall too, but he doesn't
want to have to rely on it.
I was thinking he could use his account to launch two more UML
processes. One would be his own iptables firewall under his complete
control and responsibility for administration. The second UML instance
could be his server which would serve what he chose through his UML
firewall as its gateway.
Is this reasonable? Is this feasible? Could he do this just as well in
one UML virtual machine? Can I get a sanity check here?
Thanks,
Greg
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:05:41 EDT