BSD Jails, a Better Virtual Server?

gManZboy writes "Poul-Henning Kamp, a FreeBSD committer, has an article up about BSD Jails as part of Queue's special report on virtual machines. He describes BSD's interesting 'semi-permeable' approach to VMs, and the importance of security in VM architectures. The article is co-written by Robert Watson, a DARPA principal investigator in the Host Intrusion Protection (HIP) Research Group at McAfee Research."

Re:Are BSD jails the only option?

[Homology]

BSD jail system is good, but falls far behind compared to Linux nowadays.

This may be the case, but for many Linux users these security improvements are not easily available since they are not supported by the major Linux distributions.

As an example, OpenBSD supports and integrates various technologies out of the box, while similar technologies is unavailable for most Linux users. Unless you do a huge amount of work, and have the required knowledge to patch your system, of course.

It's like the old proverb "Better with one bird in the hand, than ten on the roof."