Penguins in a sandbox: Google nudges Linux apps toward Chrome OS
While keeping things safe
Sleuthing has revealed more details about Google's project to allow its locked-down Chrome OS to run Linux applications – and well-informed speculation on its architecture.
Word of project "Crostini" – or fancy crouton – first emerged from public source code comments earlier this year:
Add Crostini experiment to fieldtrial testing.
This enables project Crostini, running Linux VM on Chrome OS, for Chromium developer builds.
It's possible to run software built for Linux on Chrome OS – which itself is powered by the Linux kernel – with today's release builds, punching a hole through the sandbox to run arbitrary code. But Crostini allows that without weakening the device's security defenses.
Kieran Miyamoto at XDA Developer suggested the architecture would accommodate a containerized environment, with a guest container for Linux.
This indicates it's a feature aimed squarely at developers and system administrators – a world away from the education market where locked-down Chromebooks rule.
"Signs point to other devices, even ones with ARM system-on-chips, receiving support in the future," wrote Miyamoto. "But perhaps not quite yet for 32-bit machines. There are also hints that some parts of VM functionality required to run Crostini won't be available for devices with older kernel versions."
More may be revealed at Google's annual developer conference, I/O, starting 8 May. ®
Sponsored: Becoming a Pragmatic Security Leader