On 2010-12-08 at 21:00+00 "Richard W.M. Jones" <rjones@xxxxxxxxxx> wrote: > To the original poster: even a VM isn't a completely robust way of > preventing root escalations. This is a certainly true. If an attacker manages to gain control of a VM guest, he can attempt to attack the VM host. (In fact, depending on the attack, escalated privileges on the VM guest may not even be necessary.) But this is simply another instance of the generic problem of security vulnerabilities providing an avenue for privilege escalation, which isn't a problem that is unique to VMs. > If the developers are all in your "organization", how about using a > cluestick-based method to prevent them doing this? Because a security solution that trusts users not to deliberately or accidentally acquire access that they aren't [administratively] permitted to have is no solution. It would be no different than hanging a sign on the front door of my house that said, "even though my door is unlocked, since stealing is wrong, I trust that no one will rob me." Furthermore, intelligent users would also refuse such an arrangement, because if the server that provides mock is rooted, the prime suspects would immediately be the mock users who did not otherwise have root privileges on the box. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
