The Genode OS Framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads.
Genode is based on a recursive system structure. Each program runs in a dedicated sandbox and gets granted only those access rights and resources that are needed for its specific purpose. [...] Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.
The framework aligns the construction principles of L4 with Unix philosophy.
There was a time I'd have been all over this, good to see small secure systems are still being developed (Yes, I saw that Genode dates back to 2008...).
Been playing around with it in a VM (VMware Workstation) on my desktop (Ryzen 5xxx series) today.
It's not super straightforward to get running in VMware, as the instructions on the Genode page are for using an .ova file with VirtualBox.
That same .ova file errors out with VMware though. But pulling it apart (seems like a renamed .tar file) gives two VMware disk images (.vmdk), the 2nd of which boots Genode fine.
Now I'm just trying to figure out Genode itself. Looks like it'll work though. :)
---
And for something different, here's DOOM running on the Pinephone under Genode: