Comment by mech422

Comment by mech422 3 days ago

7 replies

View on Hacker News

This(1)(2) might hold you over for a bit: "Genode's microkernel architecture, capability-based security, sandboxed device drivers, and virtual machines in a novel operating system for commodity PC hardware and the PinePhone. Sculpt is used as day-to-day OS by the Genode developers. "

It looks pretty neat - could be fun to play with!

1) https://genode.org/

2) https://genode.org/download/sculpt

They

codethief 3 days ago

> Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level.

Damn, I've been hoping someone would create something like this for quite some time!

Reply View 2 replies
  • samus 3 days ago

    The difficulty is the same as for current sandboxing efforts on desktop Linux though: most existing applications assume unrestricted access to user data. They have to be adapted or have to be granted unrestricted access. Otherwise users will simply not be willing/able to use the machine in secure ways.

    The technologies has been there for decades, but is applicable to a greenfield setting only.

    Reply View 1 reply
    • codethief 2 days ago

      > The difficulty is the same as for current sandboxing efforts on desktop Linux though

      You're right, that is a problem. However, the situation on Linux is even worse since you can't even nest sandboxes/containers in most real-world situations.

      Reply View 0 replies
mikewarot 3 days ago

Genode Sculpt releases, in April and October, are where they roll out user interface and other visible upgrades that form a complete system. I'm hoping to make it my daily driver in the near future.

Reply View 3 replies
  • mech422 3 days ago

    Oh! How is it for a dev. box ?? Can you get gcc/clang/rust/python ? Does it have a decent browser and code editor?

    It sounds like fun to play with - I've been wanting to try something new...

    Reply View 2 replies
    • snvzz 3 days ago

      They have native 3d acceleration, native modern web browser and virtualization support to e.g. run Linux and any non-ported software on that.

      Genode is no joke.

      Reply View 1 reply
      • mech422 3 days ago

        Thanks man - definitely gonna have a go at then :-)

        Reply View 0 replies