2

Using Ubuntu 11.04 as a Desktop OS, I want to reach "bigger security" with a "jailing" processes:

VirtualBox, Google Chrome, Firefox, VLC, PDF/djvu reader, MP3 player, wine, pidgin, transmission, LibreOffice.

Normally I would create separate users, and put .desktop icons on the "main users" Desktop, with using gksu+/sudoers setting/ in the .desktop files to "passwordlessly" launch the application as different user.

If I understand correctly Qubes OS uses XEN to really separate the applications from each other.

The Question: How could I sandbox/chroot/jail (or however you say it) the above applications so that the main user just has to click on an icon on his Desktop to launch them without the system asking for password?

Improve this question

1 Answer 1

Reset to default
3

You want Linux Containers: http://lxc.sourceforge.net/

You can both run a single process and a whole OS. It's sort of virtualization without virtualization.

Improve this answer
1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .