Why does Proxmox run KVM process as root? Running KVM as a non-root user would be much more secure, a flaw allowing code execution on the host would be limited by the user account.
For added security running each KVM process as a unique user would prevent an exploit in one guest from accessing virtual disks of another guest provided proper permissions were also applied to the vm disk files/devices. Eric
_______________________________________________ pve-devel mailing list [email protected] http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
