Silo Posted June 14, 2021 Share Posted June 14, 2021 https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/ https://googleprojectzero.blogspot.com/2021/04/who-contains-containers.html https://www.hysolate.com/blog/windows-containers-101/ https://medium.com/@justen.walker/a-short-introduction-to-windows-containers-db5adc0db536 https://docs.microsoft.com/en-us/virtualization/windowscontainers/about/ Silo was implemented in Windows 10 and it targets process isolation : isolated environment (wininit.exe, csrss.exe, etc), sharing the same OS kernel/devices for containerized processes. A server silo is actually a super-job object. VMCompute (Hyper-V Library) uses the native Windows API to create a super-job object, and spawn a new containerized Windows environment. With a server silo you can share devices like GPU, soundcard, USB devices, etc (devices are mapped using symbolic links). Had anyone been able to successfully create an isolated environment without Hyper-V, programmatically using super-job objects? Super-jobs are undocumented, but it could be used for sandboxing without using a VM, as it's integrated in the OS Kernel. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now