Re: security: the qemu agent command "guest-exec" may cause Insider Access

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>>Host can read all of the guest's memory or mount the image and modify
>>>the guest agent.  Or even add their own communication program that can
>>>do anything.
>>>
>>
>>I get your point now! :)  Thanks a lot!!
>>
>>Further more,  kvm seems not as secure as xen, because xen isolates dom0 and
>domU well,
>>The administrator on dom0 couldn't access many things belonged to domUs.
>>How to solve such problem in kvm? Any scheme?
>
>I don't know xen much, but maybe AMD SEV or everything-signed-by TPM
>would help...

Thank you ,  I'll look further into them.

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]
  Powered by Linux