On Thu, Oct 21, 2010 at 09:59:50AM +0200, Ghislain wrote:
> > If you have enabled guest privacy in your kernel, the spectator
> > context is essentially useless, and things like this can't
> > really be done without looping through the guests.
> i was wondering about the real thing that guest privacy does.
#ifdef CONFIG_VSERVER_PRIVACY
#define VS_ADMIN_P (0)
#define VS_WATCH_P (0)
#else
> Does it just prevent the spectator context ?
it prevents the spectator context and the admin
functionality in all cases which are privacy
sensitive, which includes:
- ptrace
- devmapper
- devpts
- inode tag permissions
- mountinfo
- kill/signal
- netlink dumps
- tun control
- iopriority
> What security do it bring to the system ?
together with the VXF_STATE_ADMIN it can be
used to secure a guest (to some degree) from
unwanted access from the host admin, of course,
as the admin can change the kernel, this is a
voluntary feature which mostly prevents certain
kinds of accidential peeking or guest modification
HTC,
Herbert
> --
> Cordialement,
> Ghislain
Received on Thu Oct 21 10:30:18 2010