12/02/2008

12-01-08 - VM with Virtual Disk

I had this idea for a VM to completely sandbox individual programs. It goes like this :

Do a fresh install of Windows or whatever OS. Take a full snapshot of the disk and store it in a big file. This is now *const* and will be shared by all sandboxes.

Every program that you want to run in isolation gets its own sandbox. Initially a sandbox just points at the const OS snapshot which is shared. File reads fall through to that. When you run the installer on the sandbox, it will do a bunch of file writes - those go in a journal which is unique to this sandbox that stores all the file renames, writes, deletes, etc. That can be saved or simply thrown away after the program is done.

You can optionally browse to sandbox journals. They look just like a regular disk with files. What you're seeing is the const OS snapshot with the changes that the individual program made on top of it. You can then copy files in and out of the sandbox drive to get them to your real disk.

So, for example, when you download some program from the internet that you don't trust, you can just pop up a new sandbox and run it there. This is *instant* and the program is 100% isolated from being able to do file IO to your real system. But if it makes some files you want, you can easily grab them out.

You could also mount "portals" across the sandboxes if you want to. For example, say you don't trust shitty iTunes and you want to run it in a sandbox so it can't mess with your registry or anything. But you want your music files to be on your main drive and have those be accessible to iTunes. You can mount a portal like a net drive for the sandbox to be able to "see out" to just that directory. That way you don't have to like duplicate your music files into the iTunes sandbox or whatever.

Aside from isolating rogue programs, this fixes a lot of problems with Windows. It lets you do 100% clean uninstalls - boom you just delete the whole sandbox and the program has no fingers left over. Every program gets its own registry and set of DLLs and such so there can never be conflicts. You don't have that damn problem of Windows always mysteriously going to shit after 5 years.

If you put your OS on c: and all your data on d:, you could easily just let all the sandboxes of trusted programs have portals to d: so that you can just run Photoshop in a sandbox and browse to d: and work on images, and it feels like just run normal programs on a normal computer.

12 comments:

won3d said...

Dude, this is exactly what my last company was trying to do.

cbloom said...

Dude, tell them to finish it, I want that product.

Brian said...

I don't hack on windows, so I don't know the model. But wouldn't this break the ability to copy and paste embedded objects from one program into a different one if the programs are in different sandboxes?

cbloom said...

Brian, yeah, it would. However, there are two solutions to that :

1. Put programs you often use together in the same sandbox. For example I'd probably just put all the Apple shit together in one sandbox since Quicktime and iTunes and such are all evil and they like each other.

2. Specifically allow certain portals. For example, you could make the clipboard a portal if you want to. By default sandboxes should hve all portals closed, and from *inside* a sandbox you cannot open portals, but from *outside* you can open any portal. For example, you could switch a flag that says "share the clipboard with the host" , that would make clipboard objects global.

won3d said...

DCOM is also a pain (thought not often used), but really there are a ton of random little things you'd have to get right.

Maybe you should search for Thinstall, Softricity or MojoPac. The company I used to work for depended alot on VMware Player, which probably doesn't appeal to you.

I'm guessing you were wishing for Oodle for your computer.

cbloom said...

Yeah it's not something I want to do, there would definitely be a ton of little pain.

I just did a simple patch / virtual file system thing for Oodle and realized how simple that part is and what you could do with it. Of course the hard part is catching every single interface to the OS and emulating them all right.

Softricity SoftGrid looks like they have most of the capability to do what I want, but have it aimed a different way (for IT management), and it seems like MS bought them recently.

Bret said...

Sounds like an ideal use for ZFS. ZFS is all about the copy-on-write.

won3d said...

ZFS? LOL. FS.

castano said...

Have you tried virtual box? It seems to have most of the features that you want, and it's pretty easy to setup.

Sean Barrett said...

http://www.vmware.com/products/thinapp/

spendy, though.

won3d said...

Yeah, that used to be Thinstall.

cbloom said...

Google Native Client :

http://googleonlinesecurity.blogspot.com/2008/12/native-client-technology-for-running.html

old rants