* What are the security risks of running QEMU/KVM as root?
@ 2020-08-25 12:46 Maxime Guerreiro
0 siblings, 0 replies; only message in thread
From: Maxime Guerreiro @ 2020-08-25 12:46 UTC (permalink / raw)
To: qemu-devel
Hello,
I'd be interested to learn more about the security 'vision' of qemu/kvm being
two components, one running in-kernel, one running in user land. What are the
security advantages of running guests as non-root?
In case of a qemu or KVM vulnerability, won't malicious guests gain kernel
privilege no matter what user is running qemu?
If a guest is able to execute arbitrary code as the "qemu" user, can
it escalate to
root privileges using /dev/kvm?
I've also asked this on StackExchange [1], for visibility.
Thanks,
Maxime
[1]: https://security.stackexchange.com/questions/236681/what-are-the-security-risks-of-running-qemu-kvm-as-root
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-08-25 13:18 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-25 12:46 What are the security risks of running QEMU/KVM as root? Maxime Guerreiro
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).