On Mon, 11 Jun 2007, Jordi Prats wrote: > But there's any way that you can be sure that a given domain can't acces > to data on a other xen guest (a diferent device) using selinux? > > So, the Xen guest A could only acces to /dev/sda, and Xen guest B could > only acces to /dev/sdb but they both are using the same xend daemon. There's some experimental work on providing SELinux style controls over Xen, see http://lists.xensource.com/archives/html/xense-devel/ -- James Morris <jmorris@xxxxxxxxx> -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
