
On Thu, Sep 22, 2022 at 11:13:42AM -0300, Jason Gunthorpe wrote:
> On Thu, Sep 22, 2022 at 12:06:33PM +0100, Daniel P. Berrangé wrote:
> > So per-user locked mem accounting looks like a regression in our VM isolation abilities compared to the per-task accounting.
>
> For this kind of API the management app needs to put each VM in its own user, which I'm a bit surprised it doesn't already do as a further protection against cross-process concerns.

Putting VMs in dedicated users is not practical to automatically do on a general purpose OS install, because there's no arbitrator of what UID ranges can be safely used without conflicting with other usage on the OS.

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|