Re: [Vserver] secure a guest against the host's root-account

From: Serge E. Hallyn <serue_at_us.ibm.com>
Date: Mon 24 Apr 2006 - 13:35:48 BST
Message-ID: <20060424123548.GB9311@sergelap.austin.ibm.com>

Quoting Michael S. Zick (mszick@morethan.org):
> On Mon April 24 2006 01:02, Oliver Welter wrote:
> > Hi Folks,
> >
> > this might be a strange question for some of you as it is more an
> > academical interesst, but I hope you can help me out ;)
> >
> > Q: Is there a way to prevent that a superuser on the host system can
> >
> > * see process of a guest
> > * enter a guest
> > * receive any other valuable info from the guest
> >
> > The idea behind is easy - I want to give away a guest system that uses
> > an encrypted filesystem for its sensible data. The guest system itsself
> > will provide only very limited access to the data via an API and it must
> > be prevented by any means that even the "Bofh" of the host can access
> > any of the data....
> >
> > So, is there any way to do this ? I guess that SELinux/GR will offer
> > some pointers to forbid root these actions, but are there any "easier"
> > ways ??
> >
> Sounds like SELinux is the tool of choice for that.

And if your concern is with the host's admins, not with exploited root
apps on the host server, then selinux still won't help you.

-serge
_______________________________________________
Vserver mailing list
Vserver@list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver
Received on Tue Apr 25 16:14:12 2006

[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Tue 25 Apr 2006 - 16:14:15 BST by hypermail 2.1.8