General sandbox specs?

Fri Mar 12 18:50:02 EET 2004

On Fri, 12 Mar 2004 14:48:58 +0100, Lars Hallberg wrote:
> This is something I been wondering about sens the birth usermode linux.
> 
> Would it be possable to build a sandbox, wher it is safe to download and 
> run untrusted binarys?

It's better to use a good SELinux policy to sandbox applications like this
I think. From what I've seen SELinux is certainly flexible enough and does
not require the overhead of virtualization.

thanks -mike