ELCE11: Sandboxing for automotive Linux
ELCE11: Sandboxing for automotive Linux
Posted Nov 3, 2011 16:23 UTC (Thu) by Cyberax (✭ supporter ✭, #52523)In reply to: ELCE11: Sandboxing for automotive Linux by simlo
Parent article: ELCE11: Sandboxing for automotive Linux
I don't trust OS-level sandboxes to contain malicious processes. System-level sandboxes (KVM, Xen) just might be able to do it but even that is doubtful.
That's why I'd just separate critical functionality into a completely separate CPU, maybe even with a separate network.