Jail vs. Honeypot


This diagram illustrates the difference between plain 'jail' mode and 'honeypot' mode.
With 'jail', process address spaces are contiguous, with the stack located at the top, just below the area reserved for the UML kernel.
With 'honeypot', the process stack is separated from the rest of the process address space and located above the UML kernel area to where it would be on the host.