[libvirt] improve security by adjusting the privileges of libvirtd processes

Monday, 16 November 2020

Hi Team

The daemon libvirtd runs as root user, which against the least privilege
security model.

root 567642 1.2 0.0 2856020 47576 ? Ssl 15:49 0:02 /usr/sbin/libvirtd --listen

In addition, the "--listen" parameter exposes TCP or TLS ports on the network,
it increasing the attack surface.

tcp   0   0 0.0.0.0:16509  0.0.0.0:*  LISTEN  647824/libvirtd
tcp   0   0 0.0.0.0:16514  0.0.0.0:*  LISTEN  647824/libvirtd

I have the following puzzles:
 1. Whether root is the least privilege required for libvirtd to manage
    virtualization platforms, it's possible to run libvirtd as a non-root user?

 2. Is there any plan to resolve this security weaknesses?
    (like move the function of "--listen" to an independent non-root process,
     or other better schemes)

Regards,
BiaoXiang

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

[libvirt] improve security by adjusting the privileges of libvirtd processes