On 09/10/2013 04:11 PM, Daniel P. Berrange wrote:
Using SELinux, or dropping certain capabilities will prevent that, so
this is still useful protection even if unconfined root can get around
it. In addition Eric Biederman has a change to allow the mount state
to be locked & prevent this approach.
Ok, thanks for your information.
I need to take a look at it.