[pve-devel] KVM Security
ericlb100 at gmail.com
Mon Aug 4 22:12:50 CEST 2014
>I think that direct access to /dev/... don't work
Could Proxmox simply chown resources used by KVM before starting KVM?
This would make transition to non-root KVM easier for most people too.
> I am also unsure if there is a way to pass auth info to iscsi/glusterfs/ceph libraries (without
> exposing that info to non-root users).
Could this info be provided using environment variables?
Maybe make the file read only for the KVM process group?
I created a bugzilla item for this:
More information about the pve-devel