| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+1xoqdNfX03O6cToOW5wgcbZa7bHvqPPTnMUAH5Ltvs8nMrpg@mail.gmail.com> Date: Thu, 10 Nov 2011 11:34:09 +0200 From: Sasha Levin <levinsasha928@...il.com> To: Avi Kivity <avi@...hat.com> Cc: Markus Armbruster <armbru@...hat.com>, Pekka Enberg <penberg@...nel.org>, Anthony Liguori <anthony@...emonkey.ws>, Pekka Enberg <penberg@...helsinki.fi>, Linus Torvalds <torvalds@...ux-foundation.org>, Andrew Morton <akpm@...ux-foundation.org>, Ingo Molnar <mingo@...e.hu>, linux-kernel@...r.kernel.org, kvm@...r.kernel.org, Christoph Hellwig <hch@....de> Subject: Re: [RFC/GIT PULL] Linux KVM tool for v3.2 On Thu, Nov 10, 2011 at 11:23 AM, Avi Kivity <avi@...hat.com> wrote: > On 11/10/2011 11:14 AM, Sasha Levin wrote: >> > Trying and failing. sVirt will deny access to all files except those >> > explicitly allowed by libvirt. >> >> It still allows the guest to read more than enough files which it >> shouldn't be reading. >> >> Unless you configure sVirt on a per-guest basis... > > sVirt is per-guest. It still would mean that the guest can access any file (actually, even device, no?) the hypervisor can access. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists