On Tuesday 12 August 2008 5:57:19 am James Morris wrote:
> On Tue, 12 Aug 2008, Russell Coker wrote:
> > One thing that should be noted is the labelled network benefits.
> > If you had several groups of virtual servers running at different
> > levels and wanted to prevent information leaks then having SE Linux
> > contexts and labelled networking could make things a little easier.
> >
> > I have had some real challenges in managing firewall rules for Xen
> > servers. My general practice is to try and make sure that there is
> > no real need for firewalls between hosts on the same hardware (not
> > that I want it this way - it's what technical and management issues
> > force me to).
> >
> > So for example if I have an ISP Xen server running virtual machines
> > for a number of organisations I make sure that they are either all
> > within a similar trust boundary (i.e. affiliated groups) or all
> > mutually untrusting (i.e. other IP addresses in the same net-block
> > are treated the same as random hosts on the net).
>
> Thanks for the insights -- we expect to address the virtual
> networking aspect in some way.

I think we could do some pretty cool things here with the new, well 2.6.25 new, network ingress/egress controls and restricting VM instances to specific interfaces and/or networks. However, we would need to settle the basic VM label management issues first.

-- 
paul moore
linux @ hp

--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
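As an added illustration of the 2.6.25 per-interface (netif ingress/egress) and per-node (node recvfrom/sendto) controls Paul refers to, here is a hypothetical SELinux policy module that confines one guest domain to one interface and one network. It is not code from this thread or from libvirt; the domain type `vm_guest_t`, the object types `vm_eth_t` and `vm_net_t`, the interface name `eth1` and the address range are all assumptions, and the base policy is assumed to have the `network_peer_controls` policy capability enabled, which is what switches the kernel to these newer checks.

```selinux
# Hypothetical policy module (added example; not from the thread or from libvirt).
# Assumes: a guest domain type vm_guest_t already exists with its usual socket
# rules, and the base policy declares 'policycap network_peer_controls;'.
module vm_netif_confine 1.0;

require {
    type vm_guest_t;
    class netif { ingress egress };
    class node { recvfrom sendto };
}

# Object types for the one interface and the one network the guest may use.
type vm_eth_t;
type vm_net_t;

# Packets for the guest domain may enter or leave only via interfaces
# labelled vm_eth_t ...
allow vm_guest_t vm_eth_t:netif { ingress egress };

# ... and only to/from nodes (addresses) labelled vm_net_t.
allow vm_guest_t vm_net_t:node { recvfrom sendto };

# Every other interface and address keeps its default label, for which this
# module grants nothing, so that traffic is denied and logged as an AVC.

# Build, load, and attach the labels (run as root; shown here as comments):
#   checkmodule -M -m -o vm_netif_confine.mod vm_netif_confine.te
#   semodule_package -o vm_netif_confine.pp -m vm_netif_confine.mod
#   semodule -i vm_netif_confine.pp
#   semanage interface -a -t vm_eth_t eth1
#   semanage node -a -t vm_net_t -p ipv4 -M 255.255.255.0 192.168.10.0
#   (192.168.10.0/24 is a constructed sample range)
```

The interesting property for the multi-tenant Xen case Russell describes is that the restriction is attached to the guest's label rather than to iptables rules per host: a second tenant's domain simply gets no `allow` on `vm_eth_t`/`vm_net_t`, and AVC denials in the audit log show which guest tried to cross the boundary. The open question Paul raises still applies: this only works once each VM instance reliably carries its own domain label.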