Glauber Costa (lead developer at Cloudius-Systems). OSv has smaller attack-surface size than linux.
seL4 vs OSv
Security enhanced micro kernel seL4. seL4 is incomplete and only secures the kernel layer. OSv lets you package safe containers for your apps. "If I run seL4, is my system secure? Not automatically, no. Security is a question that spans the whole system, including its human parts. An OS kernel, verified or not, does not automatically make a system secure. In fact, any system, no matter how secure, can be used in insecure ways. "
OSv is a library-operating-system, and allows you to custom code your Zero-Trust network policies directly into each VM instance, there are no runtime configuration files to worry about, security policies can be compiled into the kernel.
No comments:
Post a Comment