<snip> > also, are there ways to essentially lock down a given machine, such that you > can run an application on the machine, but the application is restricted to > either its' own process/resource space or that it couldn't do any damage > beyond the given machine that it's being run on.. I ask because we could > always have "test" servers that are essentially rebuilt after every > application .bin is tested... > > We really need a seriously good security guru to bounce these thought off > of!!!! Okay, I'm not a "seriously good security guru", nor have I actually tried what I'm about to suggest, so please take this with a grain of salt... What about vmware? If you could create a "virtual computer" for each of your developers, would that work? Any vmware users out there have any comments? I *think* that this approach, while it might take a hefty server, would isolate each developer from each other sufficiently to ensure that they can't hack each other, and you might even be able to set it up so that each night each 'computer' is reloaded from scratch... Just a thought. Ben -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
