I've toyed with PC-BSD, which has a per-application jail setup function called Warden. FreeBSD jails are supposedly a more secure version of standard chroot (which historically was pretty easy to break out of). I have always wondered about the vulnerability of X-Windows in the PC-BSD context, and if an untrusted jailed app could cause grief on the main desktop via X.
It's nice to see more stuff like this being experimented on. I recall reading about a similar Windows thing some time ago (Sandboxy?), but the concept never seemed to go mainstream for some reason.
I've toyed with PC-BSD, which has a per-application jail setup function called Warden. FreeBSD jails are supposedly a more secure version of standard chroot (which historically was pretty easy to break out of). I have always wondered about the vulnerability of X-Windows in the PC-BSD context, and if an untrusted jailed app could cause grief on the main desktop via X.
It's nice to see more stuff like this being experimented on. I recall reading about a similar Windows thing some time ago (Sandboxy?), but the concept never seemed to go mainstream for some reason.