Given that this is (AFAICT) a way to efficiently run exactly one program on a machine (probably a VM), I would have liked to see more time spent on the particulars of getting a program running on it. Like, can you easily run existing software on BareMetal? Could you compile nginx to run on it? Or does software have to be written specifically for this environment? And either way, how exactly do you actually build your software for/into(?) the image?
Sorry this might be an extremely stupid question, but can you please explain the benefits of this and what other (larger?) alternatives are?
I understand that this "exokernel" provides more performant hardware access for software and it seems to be written from scratch in assembler.
Does this mean that one should expect a lot of security and robustness issues, which means it should only be used for internal services and never be exposed to untrusted networks?
If one decides to boot an arbitrary system, pointing at whatever would be the latest version of exec.asm, it doesn't even matter what the project is today and whatever the setup script is doing.
If one chooses to use this, one decides to handover the virtual machine ownership. Your system is whatever OP decides, now or in the future.
Edit: made a clear mistake here. One would clearly not be booting on lates version of exec.asm.
It would be libBareMetal.asm instead.
Sorry for confusion guys, totally safe and effective
https://github.com/ReturnInfinity/BareMetal-Examples/blob/ma...
I understand that this "exokernel" provides more performant hardware access for software and it seems to be written from scratch in assembler.
Does this mean that one should expect a lot of security and robustness issues, which means it should only be used for internal services and never be exposed to untrusted networks?
Edit: made a clear mistake here. One would clearly not be booting on lates version of exec.asm. It would be libBareMetal.asm instead.
Sorry for confusion guys, totally safe and effective
if [ -x "$(command -v curl)" ]; then curl -s -o libBareMetal.asm https://raw.githubusercontent.com/ReturnInfinity/BareMetal/m... else wget -q https://raw.githubusercontent.com/ReturnInfinity/BareMetal/m... fi