On Wednesday 14 January 2009, Rich Morin wrote: > I'm writing a wiki which allows arbitrary code to be run in the > page generation process. In order to keep this from endangering > the server, my plan is to run the code within a jail within a VM. > > The jail would provide lightweight file system protections; the > VM would provide robust file system protections, as well as some > protections against the code initiating unwanted IP connections. > > So, when the main wiki app receives a request for a page, it > makes a request to the page generation app. The generation app > should have extremely limited networking access (eg, a single > port on the host machine, served by a very paranoid program). > > Can VirtualBox provide this kind of control? If so, where might > I find information on how to set up such a configuration?
Try NAT port forwarding (keep in mind, this feature is currently (version 2.1.0) broken on Windows hosts). Kind regards, Frank -- Dr.-Ing. Frank Mehnert Sun Microsystems http://www.sun.com/
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ vbox-users mailing list [email protected] http://vbox.innotek.de/mailman/listinfo/vbox-users
