Hi, I am currently working on testing out KVM as a platform for Whonix, a Debian based spin with anonymity enforcement via usage of virtual machines. All traffic from a workstation vm is forced through a Tor gateway on the second gateway vm. Safeguarding against high level attacks (0days and advanced persistent threats) is our top priority and so right now we are hammering out the details of what virtual hardware should be attached into the vms. In your opinion is enabling SPICE and 2D acceleration via QXL+vdagent in the guest, a security risk to the host? Consider this question in a scenario where the host is a RedHat derivative that has SElinux and secomp enabled for QEMU. We want to find out whether this is a case of security vs convenience. Thanks for you time. _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel