On Mon, 8 Jan 2001, Karl J. Runge wrote:
> The advantage for the "sandbox thingie" is that you do this long suspend
> time to disk files _once_ to freeze the sandbox state and then, if I've
> understood you correctly, that info is supplied to vmware as startup data.
Ummmm... I'm not sure how that would work. I mean, I know it is in theory
possible, but I'm not sure how well VMware supports it. I supposed you could
simply extend your existing scheme to replace the entire VMware configuration,
including suspended state...
> I don't quite know how to get the "untrusted" .EXE data into the virtual
> disk safely in the suspended state, but perhaps something could be cooked
> up.
I think that might be tough. The suspended system is only valid if the
system does not change. Things like filesystem metadata may well exist in the
suspended image. Mucking around with the filesystem behind its back, so to
speak, strikes me as a Bad Idea(TM). But I dunno for sure.
You might be able to combine a VMware "raw disk" with the "Nonpersistent"
option, which would (in theory) let you copy files in while VMware is not
running, and still use the suspend/resume feature.
>> It works as well as Windows normally works during suspend/resume,
>> which is to say, not very.
> That's too bad. Maybe with a simple enough state (minimal HD, no apps
> running etc) for the sandbox initial state it would be a bit more
> reliable.
I find the less software running, the better it works, but I've still had
Windoze crash miserably trying to resume on a completely stock Win98 system
with nothing extra installed or running. Suspend/resume and other power
management features appear to be one of the least reliable parts of MS
Windoze. :-(
--
Ben Scott <[EMAIL PROTECTED]>
Net Technologies, Inc. <http://www.ntisys.com>
Voice: (800)905-3049 x18 Fax: (978)499-7839
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
