ub.xmlui.mirage2.page-structure.muninLogoub.xmlui.mirage2.page-structure.openResearchArchiveLogo
    • EnglishEnglish
    • norsknorsk
  • Velg spraaknorsk 
    • EnglishEnglish
    • norsknorsk
  • Administrasjon/UB
Vis innførsel 
  •   Hjem
  • Fakultet for naturvitenskap og teknologi
  • Institutt for kjemi
  • Artikler, rapporter og annet (kjemi)
  • Vis innførsel
  •   Hjem
  • Fakultet for naturvitenskap og teknologi
  • Institutt for kjemi
  • Artikler, rapporter og annet (kjemi)
  • Vis innførsel
JavaScript is disabled for your browser. Some features of this site may not work without it.

nsroot: Minimalist process isolation tool implemented with Linux namespaces

Permanent lenke
https://hdl.handle.net/10037/20478
Thumbnail
Åpne
article.pdf (42.10Kb)
Publisert versjon (PDF)
Dato
2017-11-26
Type
Journal article
Tidsskriftartikkel

Forfatter
Raknes, Inge Alexander; Fjukstad, Bjørn; Bongo, Lars Ailo Aslaksen
Sammendrag
Data analyses in the life sciences are moving from tools run on a personal computer to services run on large computing platforms. This creates a need to package tools and dependencies for easy installation, configuration and deployment on distributed platforms. In addition, for secure execution there is a need for process isolation on a shared platform. Existing virtual machine and container technologies are often more complex than traditional Unix utilities, like chroot, and often require root privileges in order to set up or use. This is especially challenging on HPC systems where users typically do not have root access. We therefore present nsroot, a lightweight Linux namespaces based process isolation tool. It allows restricting the runtime environment of data analysis tools that may not have been designed with security as a top priority, in order to reduce the risk and consequences of security breaches, without requiring any special privileges. The codebase of nsroot is small, and it provides a command line interface similar to chroot. It can be used on all Linux kernels that implement user namespaces. In addition, we propose combining nsroot with the AppImage format for secure execution of packaged applications. nsroot is open sourced and available at: https://github.com/uit-no/nsroot.
Beskrivelse
Source at https://ojs.bibsys.no/index.php/NIK/article/view/432.
Forlag
Norsk Informatikkonferanse
Sitering
Raknes IA, Fjukstad B, Bongo LA. nsroot: Minimalist process isolation tool implemented with Linux namespaces. NIK: Norsk Informatikkonferanse. 2017
Metadata
Vis full innførsel
Samlinger
  • Artikler, rapporter og annet (kjemi) [565]
Copyright 2017 The Authors

Bla

Bla i hele MuninEnheter og samlingerForfatterlisteTittelDatoBla i denne samlingenForfatterlisteTittelDato
Logg inn

Statistikk

Antall visninger
UiT

Munin bygger på DSpace

UiT Norges Arktiske Universitet
Universitetsbiblioteket
uit.no/ub - munin@ub.uit.no

Tilgjengelighetserklæring