[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] chroot jailing...
From: |
address@hidden |
Subject: |
[Qemu-devel] chroot jailing... |
Date: |
Sun, 12 Jan 2014 14:17:43 -0500 |
User-agent: |
Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131104 Icedove/17.0.10 |
Would there be any security benefits, without suffering any considerable
relative loss in performance, to (chroot) jailing qemu? Can it,
practically speaking, be done?? Would that be a partial safeguard
against virtual machine escapes? Or is it the case that if a virtual
machine escape takes place, then all bets are probably off? (i.e., you
probably have already pole-vaulted over any filesystem driver/partition
access control mechanisms...) Are there any articles or discussions that
I can be directed to about it? (my focus for now is 64 bit, Intel core
i7...) Are there specific suggestions and/or guidelines for attempting
to do so -or not??
- [Qemu-devel] chroot jailing...,
address@hidden <=