From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1K9gQs-0006f9-Cg
	for qemu-devel@nongnu.org; Fri, 20 Jun 2008 09:13:38 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1K9gQq-0006eE-Pw
	for qemu-devel@nongnu.org; Fri, 20 Jun 2008 09:13:37 -0400
Received: from [199.232.76.173] (port=34988 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1K9gQq-0006e6-FD
	for qemu-devel@nongnu.org; Fri, 20 Jun 2008 09:13:36 -0400
Received: from mail.codesourcery.com ([65.74.133.4]:52680)
	by monty-python.gnu.org with esmtps
	(TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.60)
	(envelope-from <paul@codesourcery.com>) id 1K9gQq-00008C-59
	for qemu-devel@nongnu.org; Fri, 20 Jun 2008 09:13:36 -0400
From: Paul Brook <paul@codesourcery.com>
Subject: Re: [Qemu-devel] Disabling outgoing connectiong from within guest
Date: Fri, 20 Jun 2008 14:13:25 +0100
References: <be6fd6ab0806181441w7816d955j82cc12d5f991fa04@mail.gmail.com>
	<200806190101.42916.paul@codesourcery.com>
	<alpine.LSU.1.00.0806201339091.32725@wbgn129.biozentrum.uni-wuerzburg.de>
In-Reply-To: <alpine.LSU.1.00.0806201339091.32725@wbgn129.biozentrum.uni-wuerzburg.de>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
Message-Id: <200806201413.29778.paul@codesourcery.com>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org
Cc: =?utf-8?q?=C5=81ukasz_Taczuk?= <taczuk@gmail.com>

On Friday 20 June 2008, Johannes Schindelin wrote:
> Hi,
>
> On Thu, 19 Jun 2008, Paul Brook wrote:
> > On Wednesday 18 June 2008, =C5=81ukasz Taczuk wrote:
> > > I would like to create a sandboxed environment in which random users
> > > would be able to roam freely using ssh. However, I don't want to allow
> > > them to open outgoing connections just as if the box was offline (even
> > > if the guest is compromised). Basically I would like to have something
> > > like reversed user mode network stack: you can log in to the guest,
> > > but once you're in, you cannot connect to the host nor any other
> > > machine.
> >
> > Your host OS firewall/packet filter should already be able to do this.
> > IMHO there's little or no point reimplementing this functionality in
> > qemu.
>
> Except that Lukasz wrote about users in the sandboxed environment, not all
> users of the _host_ machine.

Right. That's why you want to do the firewalling/sandboxing on the host. If=
=20
you don't trust your host OS you're already screwed.

Paul