Hi again. I successfully executed vm with static label (system_u:system_r:svirt_t:s1) but suprised, that vm see entire traffic
on network interface. Interface attached via bridge and passed to vm as virtio device. In selinux todo list , but what with vm
http://selinuxproject.org/page/SVirt/TODO ) i see a job 'Integration with Labeled Networking/IPSec/Labeled NFS (e.g. use of overlay VPNs for
networks on host)'. Does this mean, that current stable (rhel) selinux release not cover vm network? I have tested network isolation for regular proccess, this working fine, but what with vm's part?
---
on network interface. Interface attached via bridge and passed to vm as virtio device. In selinux todo list , but what with vm
http://selinuxproject.org/page/SVirt/TODO ) i see a job 'Integration with Labeled Networking/IPSec/Labeled NFS (e.g. use of overlay VPNs for
networks on host)'. Does this mean, that current stable (rhel) selinux release not cover vm network? I have tested network isolation for regular proccess, this working fine, but what with vm's part?
---
vlad f halilov
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
