Last week I played a bit with crosvm, a KVM monitor used within Chromium OS for application isolation. Two of crosvm’s defining characteristics are that it’s written in Rust for increased security, and that it uses namespaces extensively to reduce the attack surface of the monitor itself.