That is the case if the proxy helper code is perfectly written. I am trying
to think about the scenario where there is a bug (e.g. heap corruption /
stack overflow) which allows a malicious non-root QEMU process to exploit
the proxy helper to run code that it was *not* intended to run.
If the proxy helper is running as root with all capabilities, then a bug in
the proxy helper can easily turn into a full root exploit.
If the proxy helper starts as root, chroots, and then immediately drops to
a non-root user, keeping only the CAP_CHOWN, CAP_DAC_OVERRIDE, CAP_FOWNER
and CAP_DAC_READ_SEARCH capabilities, then a bug in the proxy helper can
only be used to access files within the designated 9pfs export. If the
exported directory does not contain any important host system files, then
it is unlikely it can be used to create a full root exploit.
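The privilege drop described above, written out as an added example (this is not virtfs-proxy-helper's own code). It assumes Linux, a process that starts as root, and uses the raw capset(2)/capget(2) syscalls so no libcap is needed; the function names proxy_keep_mask and drop_to_export are hypothetical.

```c
#define _GNU_SOURCE
#include <stdint.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/capability.h>

/* Bitmask (first 32-bit word of the capability set) of the four
 * capabilities the helper keeps; all four have numbers below 32. */
uint32_t proxy_keep_mask(void)
{
    return CAP_TO_MASK(CAP_CHOWN) | CAP_TO_MASK(CAP_DAC_OVERRIDE) |
           CAP_TO_MASK(CAP_FOWNER) | CAP_TO_MASK(CAP_DAC_READ_SEARCH);
}

/* Confine the process to export_path and run as uid/gid with only the
 * four capabilities above. Returns 0 on success, -1 (errno set) on
 * failure; if the chroot itself fails nothing has been changed yet. */
int drop_to_export(const char *export_path, uid_t uid, gid_t gid)
{
    struct __user_cap_header_struct hdr = {
        .version = _LINUX_CAPABILITY_VERSION_3, .pid = 0 };
    struct __user_cap_data_struct want[_LINUX_CAPABILITY_U32S_3] = { 0 };
    struct __user_cap_data_struct got[_LINUX_CAPABILITY_U32S_3] = { 0 };

    if (chroot(export_path) < 0 || chdir("/") < 0)
        return -1;
    /* Without KEEPCAPS, switching away from uid 0 clears the permitted set
     * before we get a chance to pick the capabilities we want to retain. */
    if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
        return -1;
    /* Supplementary groups first, then gid, then uid (the usual order). */
    if (syscall(SYS_setgroups, 0, NULL) < 0 || setgid(gid) < 0 || setuid(uid) < 0)
        return -1;
    /* Permitted and effective shrink to the four file caps; inheritable
     * stays empty so anything exec()ed from here gets no capabilities. */
    want[0].permitted = want[0].effective = proxy_keep_mask();
    if (syscall(SYS_capset, &hdr, want) < 0)
        return -1;
    /* Verify instead of trusting the return code: re-read the sets. */
    if (syscall(SYS_capget, &hdr, got) < 0)
        return -1;
    if (got[0].permitted != proxy_keep_mask() || got[1].permitted != 0 ||
        got[0].inheritable != 0 || got[1].inheritable != 0)
        return -1;
    return 0;
}
```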

Thanks Daniel, I will add 'capabilities' to the proxy helper. The CAP_FOWNER capability
is also needed.
I am working on the patches. I will post them in a few days.