Malicious guests and entropy pool access risks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello. While I've been enabling virtio-rng since it became available I recently understood that without restrictions a malicious guest can potentially starve other VMs' entropy by overusing /dev/random so I set the rate limit.

Another question comes to mind. Does the way virtio-rng works pose a security risk? - does it allow the guest to spy on the host's entropy pool? (If so I'll have to disable it for untrusted VMs immediately)

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]