On Fri, Aug 29, 2008 at 01:41:09PM +0100, Richard W.M. Jones wrote:
> On Fri, Aug 29, 2008 at 06:00:36AM +0100, Daniel P. Berrange wrote:
> > Indeed - I'm not aware of any apps using it yet. It is currently only
> > of marginal benefit, since you can't actually set the label, only see
> > the existing (potentially wrong) label.
>
> It always seemed to me a bit worrying that libvirtd would actually set
> labels on things. James, am I wrong to be worrying about this?
It depends on the threats you are attempting to protect against.
For the sVirt work we're primarily interested in protecting the
network & host from guests, and guests from each other. libvirtd
is the control plane, so it has no choice but to deal with labelling.
If on the other hand we were trying to protect against flaws in
libvirtd itself, then this wouldn't be a viable approach.
Daniel
--
|: Red Hat, Engineering, London   -o-   http://people.redhat.com/berrange/ :|
|: http://libvirt.org  -o-  http://virt-manager.org  -o-  http://ovirt.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505  -o-   F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
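The threat model Daniel describes above (guests separated from the host, the network and each other, with libvirtd as the trusted control plane that sets the labels) can be made concrete with a small model. The following is an added illustration, not libvirt or sVirt code: it assumes a simplified MCS-style rule in which a guest process of type svirt_t may touch an image of type svirt_image_t only if the image's categories are a subset of the guest's own, while a control-plane process of type virtd_t (standing in for libvirtd) may read, write and relabel everything it manages. The label strings, type names and guest/image names are constructed for the example. It also shows why the "potentially wrong label" remark matters: an image that was never given categories ends up readable by every guest.

```python
"""Toy model of the sVirt separation discussed in the thread (added example,
not libvirt/sVirt code). Labels look like "svirt_t:s0:c1,c2"; the
sensitivity field is ignored and only the type and MCS categories are used."""
from dataclasses import dataclass, field

GUEST_TYPE = "svirt_t"          # confined guest process (assumed name)
IMAGE_TYPE = "svirt_image_t"    # guest disk image (assumed name)
CONTROL_TYPE = "virtd_t"        # control plane, i.e. libvirtd (assumed name)


@dataclass(frozen=True)
class Label:
    type_: str
    categories: frozenset = field(default_factory=frozenset)

    @classmethod
    def parse(cls, text: str) -> "Label":
        # "svirt_t:s0:c1,c2" -> Label("svirt_t", {"c1", "c2"}); "etc_t:s0" -> no categories
        parts = text.split(":")
        cats = frozenset(parts[2].split(",")) if len(parts) > 2 and parts[2] else frozenset()
        return cls(parts[0], cats)


def allowed(subject: Label, obj: Label, perm: str) -> bool:
    """Simplified policy decision: guest-to-image access needs MCS dominance,
    the control plane is trusted for everything, and all else is denied."""
    if subject.type_ == CONTROL_TYPE:
        # libvirtd is the control plane: it must be able to read, write and relabel
        return perm in {"read", "write", "relabel"}
    if subject.type_ == GUEST_TYPE and obj.type_ == IMAGE_TYPE:
        # the guest must hold every category carried by the image
        return perm in {"read", "write"} and obj.categories <= subject.categories
    # guest -> host object, guest -> relabel, anything unknown: denied
    return False


def cross_guest_exposure(guests: dict, images: dict) -> list:
    """Defender's check: names of images readable by more than one guest.
    A non-empty result means the guest-from-guest separation has a hole,
    typically an image that was never labelled with its guest's categories."""
    exposed = []
    for img_name, img in images.items():
        readers = [g for g, lbl in guests.items() if allowed(lbl, img, "read")]
        if len(readers) > 1:
            exposed.append(img_name)
    return exposed


# constructed sample labels for the example
GUESTS = {
    "guest_a": Label.parse("svirt_t:s0:c1,c2"),
    "guest_b": Label.parse("svirt_t:s0:c3,c4"),
}
IMAGES = {
    "image_a": Label.parse("svirt_image_t:s0:c1,c2"),
    "image_b": Label.parse("svirt_image_t:s0:c3,c4"),
    "image_unlabelled": Label.parse("svirt_image_t:s0"),   # the "wrong label" case
}
HOST_CONFIG = Label.parse("etc_t:s0")   # a host file outside the guest types
LIBVIRTD = Label(CONTROL_TYPE)


if __name__ == "__main__":
    for g, glbl in GUESTS.items():
        for i, ilbl in IMAGES.items():
            print(f"{g} read {i}: {allowed(glbl, ilbl, 'read')}")
    print("libvirtd relabel image_b:", allowed(LIBVIRTD, IMAGES["image_b"], "relabel"))
    print("exposed images:", cross_guest_exposure(GUESTS, IMAGES))
```

The second half of Daniel's point falls out of the model as well: because virtd_t is allowed everything, a flaw in libvirtd itself is outside what this labelling scheme can contain, which is exactly why it is the wrong tool for that threat.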