From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=0.4 required=5.0 tests=BAYES_00,FORGED_MUA_MOZILLA
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Thread: 103376,af0c6ea85f3ed92d
X-Google-NewGroupId: yes
X-Google-Attributes: gida07f3367d7,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII
Received: by 10.68.73.229 with SMTP id o5mr3042298pbv.7.1328854743388;
        Thu, 09 Feb 2012 22:19:03 -0800 (PST)
Path: 
 wr5ni7615pbc.0!nntp.google.com!news1.google.com!news.glorb.com!dotsrc.org!filter.dotsrc.org!news.dotsrc.org!not-for-mail
Date: Fri, 10 Feb 2012 07:19:03 +0100
From: =?ISO-8859-1?Q?Thomas_L=F8cke?= <tl@ada-dk.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:10.0) Gecko/20120131 Thunderbird/10.0
MIME-Version: 1.0
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
References: 
 <8e83f2be-c6e9-4b0b-b53c-d50fe70d01e1@pq6g2000pbc.googlegroups.com>
 <jh25oo$lsl$1@speranza.aioe.org>
 <b413fd6c-dc65-4b85-8126-6d9704c2e3c5@qt7g2000pbc.googlegroups.com>
In-Reply-To: 
 <b413fd6c-dc65-4b85-8126-6d9704c2e3c5@qt7g2000pbc.googlegroups.com>
Message-ID: <4f34b6d6$0$292$14726298@news.sunsite.dk>
Organization: SunSITE.dk - Supporting Open source
NNTP-Posting-Host: 77.234.175.34
X-Trace: news.sunsite.dk
 DXC=6MmWLWAW`5QD]J=fIXJe6_YSB=nbEKnk[K714:jON?7V3ZOKe3?:>XQcAE?;m5ccYSXohdXkZjmRVC3Q83RBSd>]
X-Complaints-To: staff@sunsite.dk
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
Date: 2012-02-10T07:19:03+01:00
List-Id: <comp.lang.ada>

On 02/10/2012 05:41 AM, Rob Shea wrote:
> In other words, a very simple and restrictive, operating system level
> virtualization tool for Windows, that can be initiated by unprivileged
> users.


I have to ask: Why not just virtualize these Windows boxes? Run them
read-only using something like QEMU/KVM or VirtualBox? They both have
a feature where all changes made to the guest OS is written to an image
of your own choice, or simply take a snapshot when starting the OS, do
your stuff and rollback when shutting the guest down.

This is a standard feature in most virtualization solutions.

Or do you have some special needs where the Windows machine _must_
run on bare metal?

-- 
Thomas L�cke | thomas@12boo.net | http://12boo.net