On Sat, Aug 26, 2017 at 01:05:46 +0000, Zhangbo (Oscar) wrote: > >On Fri, Aug 25, 2017 at 08:52:16 +0000, Zhangbo (Oscar) wrote: > >> >On Fri, Aug 25, 2017 at 06:45:18 +0000, Zhangbo (Oscar) wrote: [...] > >If you don't trust the host, don't use it. There's no protection from > >reading the memory or disk images currently. See [1]. Note that even > >without the API, root can access all the stuff. > > Thank you very much for the detailed reply, any future plan to solve such problem(host > has too high authority to access guests' memory things)? What will be the potential mitigation? The best mitigation is to not allow unauthorized access to the host. In other words: if you don't trust your cloud provider, host your stuff yourself.
Attachment:
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list
