[pve-devel] Running KVM as root is a security issue
Wolfgang Bumiller
w.bumiller at proxmox.com
Mon Jul 27 15:53:00 CEST 2015
> A patch exists to prevent a crash when a socket cannot be opened.
> https://lists.gnu.org/archive/html/qemu-devel/2015-05/msg00577.html
Included in the current 2.4 devel build.
> I've done some experimenting. If I take the KVM command as generated
> by Proxmox and simply add "-runas nobody" the VM starts up and runs
> without a problem.
Yes, that much I've tested, too. I'm worried about the shutdown scripts
though (bridgedown). They might lack permissions if qemu doesn't keep a
privileged parent process around for those.
Ideally the VM can be started directly as a user, though, rather than
using the -runas switch. That will be some work though.
More information about the pve-devel
mailing list