Jump to content

Silo

Member
  • Posts

    1
  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    France

Posts posted by Silo

  1. https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/
    https://googleprojectzero.blogspot.com/2021/04/who-contains-containers.html
    https://www.hysolate.com/blog/windows-containers-101/
    https://medium.com/@justen.walker/a-short-introduction-to-windows-containers-db5adc0db536
    https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/

    Silo was implemented in Windows 10 and it targets process isolation : isolated environment (wininit.exe, csrss.exe, etc), sharing the same OS kernel/devices for containerized processes.

    A server silo is actually a super-job object. VMCompute (Hyper-V Library) uses the native Windows API to create a super-job object, and spawn a new containerized Windows environment. With a server silo you can share devices like GPU, soundcard, USB devices, etc (devices are mapped using symbolic links).

    Had anyone been able to successfully create an isolated environment without Hyper-V, programmatically using super-job objects? Super-jobs are undocumented, but it could be used for sandboxing without using a VM, as it's integrated in the OS Kernel.

×
×
  • Create New...