Hi again, I've read and thought a bit more. Is the following possible: 1. create a folder (say /virtroot) on the host that should hold the root filesystem for the virtual machine 2. pass /bin, /sbin, /usr, /lib and /lib64 and /virtroot to the guest via virtfs[1]. Only the latter is passed writable. 3. create an initrd for the guest with an fstab that mounts the above folders at the right locations. 4. start the virtual machine without storage attached and use -kernel to pass a kernel from the host system [1] http://www.linux-kvm.org/page/9p_virtio As a result I could have a very lightweight debian stable virtual machine to run untrusted applications. Regards, Thomas Koch