[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-discuss] p9 security_model docs
From: |
anatoly techtonik |
Subject: |
[Qemu-discuss] p9 security_model docs |
Date: |
Mon, 16 May 2016 08:18:55 +0300 |
Hi,
http://wiki.qemu.org/Documentation/9psetup#Starting_the_Guest_directly
seems to be the official docs on folder sharing with libvirt/QEMU linked
from elsewhere on the internets.
I don't understand some things in it:
1. list of security_model attributes is nested under sock_fd=sock_fd. I
could probably fix it myself, but I couldn't find who to contact to add me to
wiki with "techtonik" name.
2. `squash` attribute is not present in description (available in virt-manager),
is it the same as `none` in wiki?
3. fs drivers `local`, `handle` and `proxy` are not documented and not linked
4. filesystem drivers in virt-manager are `default`, `handle` and `path` - are
those the same as `local`, `default` and `proxy`?
5. how does `passthrough` work - does it use simple user name matching?
If I some image from network uses `root` user inside, will that user be able
to do nasty things on my host filesystem? If user doesn't exist on host, what
should happen?
6. related to previous question, how good is guest `root` user isolated in
subdirectory shared with host system if that `root` matches the `root` user
on host?
It would be great to see detailed explanation on that security models on wiki
page or linked from there.
Thanks.
--
anatoly t.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-discuss] p9 security_model docs,
anatoly techtonik <=