[Dev] Linux Containers on Tizen

Jan Olszak j.olszak at samsung.com
Mon Mar 10 09:03:09 GMT 2014


Hi there!

We would just like to let you know, that we started working on containers
for Tizen. 

 

The idea is to use containers (cgroups + namespaces) and a bunch of our code
to create the ultimate isolation mechanism. Inside the container we start
systemd, services, even separate X server and apps have to be installed
explicitly inside a container. This way we get several Tizen-guests running
on one Tizen-host - almost as if we had many devices running on one physical
device. 

 

Why so serious? The point of this pseudo virtualization is to prevent any
kind of attack between apps running on different Tizen-guests. First of all
we could use this to isolate business applications from the possibly
untrusted private ones (or the other way around - depends on the perspective
:) The second example is a guest container - you can press a magic button
and give the mobile to your kid without any risk.

 

So far we use the magnificent Libvirt for managing containers, we managed to
start Systemd (though we're struggling with the user namespace) and switch
between working Tizens with just a click of a button (yes, it's fast). 

 

Thanks!

Jan Olszak

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tizen.org/pipermail/dev/attachments/20140310/3a4e4cae/attachment.html>


More information about the Dev mailing list