[Info-vax] Container files are set to grow in importance on the IT road ahead
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Sat Feb 6 11:01:19 EST 2016
On 2016-02-06 03:59:30 +0000, David Froble said:
> However, my main point was, this ain't anything new.
>
> And, if 90% is the same, with maybe 10% different, then as things now
> stand, using a master disk and changing 10% afterward is better than
> doing 100% for each system.
>
> "As things now stand ..."
Sure. We can even write most of this in BASIC, too. It's just tons
and tons of glue code.
And with no way to keep applications from getting tangled, and no way
to contain malicious or vulnerable applications. Not without making
some OpenVMS kernel modifications.
The difference here being that this container code and the
jails/sandboxes have been written and debugged and supported and
integrated in other platforms.
So we're not all maintaining shed-loads of glue code, nor are we
depending on developers to maintain conventions to avoid conflicts.
But then I remember similar arguments from the folks that were
programming assembler — high-level languages were wasteful — from the
1970s and 1980s.
Languages get easier, frameworks get higher-level, the need for
assembler or for as much BASIC is reduced, deployments get faster,
capabilities get larger, etc.
Even in a single-host, single-application, classic OpenVMS application
environment, having a way to keep a vulnerable server process from
being easily extended into a full-blown breach would be valuable.
So would having an easy way to install and update applications
(securely, easily, and without FTPing kits around), particularly given
that most applications are gaining dependencies.
Master images or golden masters or LD disk containers don't give you
any of that.
--
Pure Personal Opinion | HoffmanLabs LLC
More information about the Info-vax
mailing list