[$] Compartmentalized computing with CLIP OS

People searching for a hardened Linux distribution have a widerange to choose from: they can use one of the security-focused offerings, orthey can, with sufficient expertise, simply apply hardening patches andbuild everything to their taste. Suchsystems, of which Qubes OS is agood example, usually concentrate on the user's privacy. Recently, the French cybersecurity agency(ANSSI) released the source code for CLIP OS, its hardened operatingsystem based on Linux. CLIP OS has been in development for more than tenyears and, while sharing many elements with other hardened Linuxdistributions, this one is targeted to different needs: the focus is onproviding maximum isolation between confidentiality levels anddifferent users of the same system. As an illustration: theadministrator is not able to access other users' data.