Issues of
iX,
c't,
de:Linux-Magazin in Years 2014/2015 contain a couple of comprehensive articles on the available Linux solutions even with their history!
Sandboxes on Linux looks at the different mechanisms there are to implement sandbox on Linux =
Linux kernel-based family of operating systems. With regard to the article
sandbox being a pile of crap:
July 2014 it is hard to document these software project, since we cannot just refer to the article to explain the underlying mechanisms and their merits. I doubt Wikipedia will ever attract good writers... its not the money, its the idiots being around here, and throwing money at it, will not help. Best follow
Helmuth von Moltke the Elder advise and send them far far away...
I think
User:ScotXW/Virtualization introduced
sandboxes and containers. If there is a difference between a sandbox and a container, I guess sandbox = for 1 application, container = for n applications. Sandbox was originally only for security, but nothing speaks against applying resource management to it.
Linux Security Modules (is a framework that allows the Linux kernel to support a variety of computer security models while avoiding favoritism toward any single security implementation.)
kdbus/
cgroups/
systemd –
Lennart Poettering et al. have been working on a Sandbox/Container based on these Linux kernel components. As of July 2014 kdbus is ready, but still waits to be accepted into Linux kernel mainline. This solution should give security AND resource management. Something
klik-like could augment
.deb and
.rpm; by abandoning shared libraries, this could solve the problem of a missing widely-adopted Linux ABI and the
not free enough problem. Abandoning "share libraries" removes test cases from them, this is bad, but maybe having to package the same software is more bad. Rigs of Rods is still not in the Debian repos. So we either make Linux people compile it, or serve klick-like packages to download next to the Window-install-package free for download.