At 8:25 PM +0200 4/13/05, BÁRTHÁZI András wrote:
An other question is, that how can you tell to the platform, to limit these features, maybe non-modifiable environment variables and command line parameters can be the ways of it.
For that you need a full-blown quota and privilege system. Luckily there are plans for one. :)
As far as boxing a VM into a sub-directory, etc. UNIX (chroot) and VMS make this a breeze since
the mechanisms are builtin to the OS, it is Windows where all the work has to be done.
Maybe Windows has matured since the last time I looked at this sort of thing, but most
sys admins I know still prefer to run their JVMs, app servers, etc. in a UNIX environment
just for this reason.
Solaris 10 just took it to a new level with "zones" although there have been similar patches
out there for BSD and Linux for a long time.
-Melvin
