Hi there,
Quoting https://libvirt.org/drvqemu.html
"Disks that are marked as <shared> will get a generic label
system_u:system_r:svirt_image_t:s0 allowing all guests read/write access
them"
The problem now is that the shared disks can potentially being accessed
by other VMs which is not really nice.
Is it safe to remove the shared parameter in the libvirt config and use
static labeling instead?
Thanks,
Luc
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
