[Vm-dev] How to create headless VM without some primitives?

tim Rowledge tim at rowledge.org
Sun Apr 19 17:53:46 UTC 2020



> On 2020-04-18, at 7:27 PM, Pierce Ng <pierce at samadhiweb.com> wrote:
> 
> 
> On Fri, Apr 17, 2020 at 01:11:54AM -0500, Erik Stel wrote:
>> This would limit the ability to write, but you can't prohibit reading the
>> filesystem I think. The VM needs to read the image for one thing. If the VM
>> would allow FFI or OSProcess, would it be possible to limit application
>> execution using container configuration? Because with FFI/OSProcess a
>> (naughty) user could try to gain access to applications or data.
> 
> Hi Erik,
> 
> My VM is built on Alpine Linux. The official Alpine Linux Docker image
> is about 5MB. Adding the VM and plugins (including my own custom
> libsqlite3.so and some other shared libraries) gives a Docker image
> under 20MB. The size of your application - Smalltalk image, changes if
> required, other artefacts - is in your control of course.

Any pointers you can offer to a decent 'Dummies guide to Docker and containers' would be appreciated. I need an equivalent to 'See container. See container run. Run, container, run!' sort of intro.

tim
--
tim Rowledge; tim at rowledge.org; http://www.rowledge.org/tim
The severity of the itch is proportional to the reach.



