On 10 May 2012 13:29, Avi Kivity <avi@xxxxxxxxxx> wrote: > Currently when you mount a filesystem, you face two issues: > - you have to be root > - if the media is untrusted, it can exploit your kernel > > With kvm and fuse, we can have a virtualized kernel mount the > filesystem, and re-export to the host, which mounts it using a fuse > interface. This solves both problems, at the expense of speed and > simplicity. In theory this can be used for mounting untrusted USB > sticks (perhaps only for the less well tested filesystems). Is this not one of the many features of guestfs? At least, I'm not sure I understand from your description how it's different. http://libguestfs.org/guestmount.1.html Alex -- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
