Hi. I created this package. It allows one to run an extremely secure tor relay on almost anything. The package is very easy to use and seems to work pretty well. I've been running the first of its kind "in the wild" as an exit relay for a week or so here...
Running tor in a rump unikernel provides a single application, single address space image, with bare minimum necessary support drivers, that can be run portably on pretty much any hypervisor (or even on bare metal).
If security is a concern, you would be pretty hard pressed to run a more secure tor relay. This doesn't even have a /bin/sh, for example. There's precious little available to be exploited here, even should a tor exploit be found possible. Odds are, even a major tor vulnerability wouldn't do an interloper very much good in this case.
https://atlas.torproject.org/#details/FD76CE423F64853C402EAC...
And it was officially merged upstream today here...
https://github.com/rumpkernel/rumprun-packages/commit/0171d4...
Running tor in a rump unikernel provides a single application, single address space image, with bare minimum necessary support drivers, that can be run portably on pretty much any hypervisor (or even on bare metal).
If security is a concern, you would be pretty hard pressed to run a more secure tor relay. This doesn't even have a /bin/sh, for example. There's precious little available to be exploited here, even should a tor exploit be found possible. Odds are, even a major tor vulnerability wouldn't do an interloper very much good in this case.
For background infomation, see...
Tor
https://en.wikipedia.org/wiki/Tor_%28anonymity_network%29
https://www.torproject.org/
Rump Kernel
https://en.wikipedia.org/wiki/Rump_kernel
http://rumpkernel.org/
Enjoy. :)