|
From: | Markus Armbruster |
Subject: | Re: [Qemu-devel] chroot jailing... |
Date: | Mon, 13 Jan 2014 11:28:24 +0100 |
User-agent: | Gnus/5.13 (Gnus v5.13) Emacs/24.2 (gnu/linux) |
"address@hidden" <address@hidden> writes: > Thanks! > > So it sounds like you're saying selinux is the only meaningful thing to try? > Or do people ever bother to place qemu in chroot jails?? > > I seem to have gotten the impression that people use qemu-static to do this, > but it appears to be more for offering secured access of a guest folder > to the host OS; > not so much for security... chroot() by itself is not a useful security tool. https://lwn.net/Articles/252794/
[Prev in Thread] | Current Thread | [Next in Thread] |