top | item 46913794

(no title)

aktau | 24 days ago

From the GitHub page:

LiteBox is a sandboxing library OS that drastically cuts down the interface to the host, thereby reducing attack surface. It focuses on easy interop of various "North" shims and "South" platforms. LiteBox is designed for usage in both kernel and non-kernel scenarios.

LiteBox exposes a Rust-y nix/rustix-inspired "North" interface when it is provided a Platform interface at its "South". These interfaces allow for a wide variety of use-cases, easily allowing for connection between any of the North--South pairs.

Example use cases include:

  - Running unmodified Linux programs on Windows
  - Sandboxing Linux applications on Linux
  - Run programs on top of SEV SNP
  - Running OP-TEE programs on Linux
  - Running on LVBS

discuss

aktau|24 days ago

More links with discussion:

Reddit discussion: https://www.reddit.com/r/linux/comments/1qw4r71/microsofts_n...

Project lead James Morris announcing it on social.kernel.org: https://social.kernel.org/notice/B2xBkzWsBX0NerohSC

xjamesmorris|24 days ago

FYI, I am not the project lead for Litebox. It is led by Microsoft Research.

unknown|24 days ago

[deleted]

rbanffy|23 days ago

> - Running unmodified Linux programs on Windows

This might actually be my favourite use: I always thought WSL2 was a kludge, and WSL1 to be somewhat the fulfilment of the "personality modules" promise of Windows NT.

dixie_land|23 days ago

Yup WSL feels closer to the Services for Unix which has been around since NT 4/5.

It was sad to see WSL2 taking the path of least resistance, that decision has always felt TPM driven ("we got unexpected success with WSL and people are asking for more, deliver xxx by Q4! No I don't care _how_ you do it!")

unixhero|23 days ago

Personality was an OS aphorism that went longer back than NT I believe. But my memory is fuzzy on this.

Edit! Memory unfuzzed: It was Workplace OS, https://en.wikipedia.org/wiki/Workplace_OS

a-dub|24 days ago

is this wslv1.2 (wslv1 redux) in now a more general cross-platform library firewall type thing?

oofbey|23 days ago

The amount of techno jargon marketing speak in this readme is impressive. I’m pretty well versed in most things computers, but it took me a long time to figure out what the heck this thing is good for. Leave it to Microsoft to try to rename lots of existing ideas and try to claim they’ve invented something amazing when it’s IMHO not all that useful.