[pve-devel] Running KVM as root is a security issue

Michael Rasmussen mir at datanom.net
Mon Jul 27 20:53:40 CEST 2015


On Mon, 27 Jul 2015 20:11:54 +0200 (CEST)
Wolfgang Bumiller <w.bumiller at proxmox.com> wrote:

> 
> This is better. Even better would be a monitoring process that doesn't need to
> be signaled.
> (Coincidentally, this would also add the possibility of adding reliably-fired
> exit-time hooks.)
> 
A monitoring process which does not rely on events could potentially be
a resource hawk.

1) We know when a new VM starts.
2) When a VM a QMP socket is created like /var/run/qemu-server/nnn.qmp
3) The QMP socket is bidirectional so it should be possible to listen
to events.

A document is already describing something similar.
http://docs.ganeti.org/ganeti/2.13/html/design-kvmd.html

Whether it is implemented or not, I do not know.

-- 
Hilsen/Regards
Michael Rasmussen

Get my public GnuPG keys:
michael <at> rasmussen <dot> cc
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xD3C9A00E
mir <at> datanom <dot> net
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE501F51C
mir <at> miras <dot> org
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE3E80917
--------------------------------------------------------------
/usr/games/fortune -es says:
Women aren't as mere as they used to be.
		-- Pogo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.proxmox.com/pipermail/pve-devel/attachments/20150727/a0859ce8/attachment.sig>


More information about the pve-devel mailing list