Tue Dec 22 09:39:13 CET 2015
> I am not sure what you mean here. Genode can already execute Linux
> within a virtual machine (Seoul or VirtualBox) or as a paravirtualized
> version on top of the Fiasco.OC kernel. If this is not sufficient, what
> is your approach?
The problem in this approach is that the (virtualized) Linux instance is still running the same very insecure (if you ask me;) Linux kernel. Within the scope of the Linux kernel, there is nothing to limit the kind of hazards grsecurity is/was made to prevent.
To reiterate, what I would like to see is Linux (and/or BSD) kernel running directly on top of genode.
More information about the users