|
 |
William Tracy nous apporta ses lumieres en ce 2007/09/30 18:37:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Alain wrote:
>> There is a way, it's called "sandboxing". The process runs in a limited,
>> closed, virtual machine and only have access to what YOU want it to see.
>
> So, you propose that every time POV code loads an external program, you
> launch a full-scale virtual machine? Are we going to license something
> from VMware? Are you going to ask people to buy extra licenses from
> Microsoft for the copies of the operating system running inside the VM?
> (Jeez, I'm starting to sound like Warp.)
>
> Sandboxing is great for your language's own scripts/bytecode, but is
> less than helpful for _external_ libraries and arbitrary programs, which
> is what we were talking about.
>
> - --
> William Tracy
You don't need a full-scale virtual machine, only a prety limited one only
supporting what you need it to support. You don't need to launch several of
those, you can reuse the same one for several modules. How about one that
simulate some opensource, limited linux-like environment. In fact, you may not
even need to have an OS running in that sandbox! A little like running a ROM
based application on a diskless box. That way, you gain an OS independance,
whitch allows you to use those external modules regardless of what OS you use.
--
Alain
-------------------------------------------------
What happens if you get scared half to death twice?
Post a reply to this message
|
|
