SELinux & Xen
James Morris
jmorris at namei.org
Mon Jun 11 04:32:59 UTC 2007
On Mon, 11 Jun 2007, Jordi Prats wrote:
> But there's any way that you can be sure that a given domain can't acces
> to data on a other xen guest (a diferent device) using selinux?
>
> So, the Xen guest A could only acces to /dev/sda, and Xen guest B could
> only acces to /dev/sdb but they both are using the same xend daemon.
There's some experimental work on providing SELinux style controls over
Xen, see
http://lists.xensource.com/archives/html/xense-devel/
--
James Morris
<jmorris at namei.org>
More information about the fedora-selinux-list
mailing list