[pve-devel] Running KVM as root is a security issue

Wolfgang Bumiller w.bumiller at proxmox.com
Mon Jul 27 21:45:17 CEST 2015


> A monitoring process which does not rely on events could potentially be
> a resource hawk.

Well I wasn't suggesting a busy-waiting daemon. More like listening with
inotify on the qemu cgroup directory, since we use systemd-run to run VMs
in a scope now, this would allow an event-based implementation.

> 1) We know when a new VM starts.
> 2) When a VM a QMP socket is created like /var/run/qemu-server/nnn.qmp
> 3) The QMP socket is bidirectional so it should be possible to listen
> to events.
>
> A document is already describing something similar.
> http://docs.ganeti.org/ganeti/2.13/html/design-kvmd.html

Yes, a design like this would be a possibility.




More information about the pve-devel mailing list