galen galen

Niner since 2011


  • Drawbridge: A new form of ​virtualizat​ion for application sandboxing

    Unrelated: Would love to see Singularity's ideas go mainstream. Singularity's *the single most interesting* idea and implementation I've seen in a long time in OS research. While it might not have been the first approach it was very well executed (and documented).

    Thanks!  We are very proud of our Singularity work as well.  Interesting, several of the great ideas from Singularity were reused in Drawbridge.  For example, the Drawbridge ABI (application binary interface) is very similar to the Singularity ABI.  Also, Drawbridge employs many of the program manifest and packaging ideas that we pioneered in Drawbridge.

  • Drawbridge: A new form of ​virtualizat​ion for application sandboxing

    In the paper "Exterminate All Operating System Abstractions" ( they talk about an "application-level operating system"; would you say that that is, or can be seen as, related to DrawBridge?

    Yes, Engler et. al invented the idea of a library OS (an "application-level operating system").  Our academic contribution was to show 1) how the interface between the library OS and the host OS can be modified to enable persistent compatibility, 2) how the it can enable migration, and 3) that Windows can be used to create a library OS.

    By the way, our paper mentioned above discusses the related work in more detail.

  • Drawbridge: A new form of ​virtualizat​ion for application sandboxing

    Linux Containers ( anyone?

    @James: As you point out, there is a rich history of sandboxing technologies that operate at the scale of an application (chroot, zones, jails, containers, etc.). These were all important advances. Our contribution is to marry application sandboxing with the library OS concept. If you want to read more detail, our ASPLOS 2011 paper provides some comparison with existing technologies.

    As far as we know, Drawbridge is the first in this class to provide not just isolation, but also persistent compatibility and execution continuity. When packaged with its library OS, a Drawbridge application can run across many different host OS versions.  And, a running Drawbridge application can move from one host machine to another (without losing its state).