[pve-devel] KVM Security
Eric Blevins
ericlb100 at gmail.com
Tue Apr 22 16:23:56 CEST 2014
Why does Proxmox run KVM process as root?
Running KVM as a non-root user would be much more secure, a flaw allowing
code execution on the host would be limited by the user account.
For added security running each KVM process as a unique user would prevent
an exploit in one guest from accessing virtual disks of another guest
provided proper permissions were also applied to the vm disk files/devices.
Eric
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20140422/f47a6e71/attachment.htm>
More information about the pve-devel
mailing list