[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Running untrusted code as root in a `guix system vm`?
From: |
Ben Weinstein-Raun |
Subject: |
Running untrusted code as root in a `guix system vm`? |
Date: |
Fri, 29 Dec 2023 23:40:50 +0000 |
Hello!
I'm considering running some software inside a VM created using `guix
system vm`. The easiest thing to do would be to run the virtualized
software as root. Normally I wouldn't think twice about that, but iiuc
the guest will have the host's /store mounted. Am I right that this
should make me nervous about running untrusted things as root in the VM?
Or is there some trick by which a root process in the VM is prevented
from destructively changing /store?
Thanks!
signature.asc
Description: OpenPGP digital signature
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Running untrusted code as root in a `guix system vm`?,
Ben Weinstein-Raun <=