On Wed, 2009-11-04 at 18:52 -0600, Anthony Liguori wrote:
> I'd rather make the "default" network configurable via a global
> configuration file. That way, if a distribution knew that it had a
> bridge setup for its users, it could make -net bridge the default.
Fair enough.
:-Dustin
signatur
Dustin Kirkland wrote:
We address this problem by introducing a new network backend: -net bridge. This
backend is less flexible than -net tap because it relies on a helper with
elevated privileges to do the heavy lifting of allocating and attaching a tap
device to a bridge. We use a special pur
On Tue, 2009-11-03 at 18:28 -0600, Anthony Liguori wrote:
> This series solves a problem that I've been struggling with for a few years
> now.
> One of the best things about qemu is that it's possible to run guests as an
> unprivileged user to improve security. However, if you want to have your
Michael S. Tsirkin wrote:
Well it doesn't really help with the issue of privileges which is what
this series is really about.
Regards,
Anthony Liguori
I note that by default you grant all users all access.
If you do that, just give them net cap admin already?
By default, I give no
On Wed, Nov 04, 2009 at 01:48:01PM -0600, Anthony Liguori wrote:
> Michael S. Tsirkin wrote:
>> On Tue, Nov 03, 2009 at 06:28:01PM -0600, Anthony Liguori wrote:
>>
>>> This series solves a problem that I've been struggling with for a few years
>>> now.
>>> One of the best things about qemu is t
Michael S. Tsirkin wrote:
On Tue, Nov 03, 2009 at 06:28:01PM -0600, Anthony Liguori wrote:
This series solves a problem that I've been struggling with for a few years now.
One of the best things about qemu is that it's possible to run guests as an
unprivileged user to improve security. Howev
On Tue, Nov 03, 2009 at 06:28:01PM -0600, Anthony Liguori wrote:
> This series solves a problem that I've been struggling with for a few years
> now.
> One of the best things about qemu is that it's possible to run guests as an
> unprivileged user to improve security. However, if you want to have
