Can I run a macOS GUI application inside osx-vm? #1
Comments
|
Hey, sorry for not responding sooner — I was quite busy. I think you should be able to run a GUI application generally using gexec. Memory scanning, however, is a bit more tricky due to how macOS works. Namespaces aren't really implementable. A root user on macOS could likely access the memory of a sandboxed process, as macOS sandboxing primarily controls resource access (like file, network, etc.) and not memory isolation. However, scanning the memory of an osxiec container would definitely be more difficult. A normal user can't scan the memory of an osxiec container, and the new user inside the container can't access your system. File system isolation is similar to normal container practices: the files are isolated, but a root user on the host could still access them. Let me know if you meant something else. |
Can I run a macOS GUI application inside osx-vm?
And I want to isolate the container from the host (including file system isolation and memory isolation) to prevent memory scanning and file scanning.
The text was updated successfully, but these errors were encountered: