[pve-devel] Running KVM as root is a security issue

Henry Spanka henry at myvirtualserver.de
Tue Jul 28 02:43:38 CEST 2015


I think the best option is to run every KVM as another user and chown  
the /var/lib/vz/images/VMID/ directory to that user.
There will be vulnerabilities at any time and the best option is to  
just use other users to prevent execution of code on the host or  
modify other vms(read data).

Best regards
Henry Spanka
-- 
Fügen Sie uns in die Liste "vertrauenswürdiger Absender" hinzu.
If you have any further questions, please let us know.

Mit freundlichen Grüßen / With best regards

myVirtualserver.de | Development Team
Henry Spanka




More information about the pve-devel mailing list