Security: Difference between revisions

imported>Nix
Flatpaks: flatpak reference
imported>Nix
Virtual machines: KVM breakout reference
Line 83: Line 83:
* [http://blog.patapon.info/nixos-local-vm/ Updating NixOS local VMs] - Post demonstrating how to build and run a VM from a NixOS configuration and then update the configuration of the running VM on the fly.
* [http://blog.patapon.info/nixos-local-vm/ Updating NixOS local VMs] - Post demonstrating how to build and run a VM from a NixOS configuration and then update the configuration of the running VM on the fly.
* [https://archive.fosdem.org/2020/schedule/event/kernel_address_space_isolation/attachments/slides/3889/export/events/attachments/kernel_address_space_isolation/slides/3889/Address_Space_Isolation_in_the_Linux_Kernel.pdf 2020 IBM Presentation on Address Space Isolation in the Linux Kernel] - Containers within VMs are a norm for security in the cloud. Addressing ongoing work to improve isolation of containers and VMs.
* [https://archive.fosdem.org/2020/schedule/event/kernel_address_space_isolation/attachments/slides/3889/export/events/attachments/kernel_address_space_isolation/slides/3889/Address_Space_Isolation_in_the_Linux_Kernel.pdf 2020 IBM Presentation on Address Space Isolation in the Linux Kernel] - Containers within VMs are a norm for security in the cloud. Addressing ongoing work to improve isolation of containers and VMs.
* [https://googleprojectzero.blogspot.com/2021/06/an-epyc-escape-case-study-of-kvm.html An EPYC escape: Case-study of a KVM breakout] - Detailing first known non-userspace vulnerability enabling guest-to-host breakout.


=== Networking ===
=== Networking ===
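Review bot: The description on the added "An EPYC escape" entry states an absolute ("first known non-userspace vulnerability enabling guest-to-host breakout") that the wiki cannot keep current, and "non-userspace" does not say which component the bug is in. Suggest attributing the claim to the linked post and wording it like the neighbouring entries, for example "Post detailing a KVM guest-to-host breakout that, according to its author, does not rely on a userspace vulnerability."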