On Wed, Aug 8, 2012 at 7:51 PM, Corey Bryant wrote:
>
>
> On 08/08/2012 11:58 AM, Stefan Hajnoczi wrote:
>>
>> On Wed, Aug 8, 2012 at 3:54 PM, Corey Bryant
>> wrote:
>>>
>>>
>>>
>>> On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant
wr
On 08/08/2012 11:58 AM, Stefan Hajnoczi wrote:
On Wed, Aug 8, 2012 at 3:54 PM, Corey Bryant wrote:
On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant
wrote:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes
On Wed, Aug 8, 2012 at 3:54 PM, Corey Bryant wrote:
>
>
> On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
>>
>> On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant
>> wrote:
>>>
>>> libvirt's sVirt security driver provides SELinux MAC isolation for
>>> Qemu guest processes and their corresponding image f
On 08/08/2012 09:04 AM, Stefan Hajnoczi wrote:
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant wrote:
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from op
On Tue, Aug 7, 2012 at 4:58 PM, Corey Bryant wrote:
> libvirt's sVirt security driver provides SELinux MAC isolation for
> Qemu guest processes and their corresponding image files. In other
> words, sVirt uses SELinux to prevent a QEMU process from opening
> files that do not belong to it.
>
> sV
libvirt's sVirt security driver provides SELinux MAC isolation for
Qemu guest processes and their corresponding image files. In other
words, sVirt uses SELinux to prevent a QEMU process from opening
files that do not belong to it.
sVirt provides this support by labeling guests and resources with
