Hi people, We're trying to implement a standard solution on our company, where users who need Windows machines (some legacy software still uses it) will have a VM on their workstations, using Libvirt/QEMU/KVM. The biggest problem we're seeing so far is that we can't find a way to prevent users with root access on the physical machine from "stealing" an eventually open Windows session on virt-viewer from the machine owners. I know, only IT staff will have such privileges, but even then this might pose a security threat that should be dealt with. I've looked into ticketing, SASL and other things, but failed to find a way to definitely avoid this. Is there something I'm missing or is this a dead end? We're looking primarily at Spice displays 'cause it just works - USB redirection, video, audio... Easier than trying to achieve the same using open tools and RDP. Any help is much appreciated. Thanks, Ivo Cavalcante _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx https://lists.freedesktop.org/mailman/listinfo/spice-devel