[libvirt] [PATCH] Ensure root filesystem is recursively mounted readonly

[Gao feng]

On 09/10/2013 04:11 PM, Daniel P. Berrange wrote:
> Using SELinux, or dropping certain capabilities will prevent that, so
> this is still useful protection even if unconfined root can get around
> it. In addition Eric Biederman has a change to allow the mount state
> to be locked & prevent this approach.

Ok, thanks for your information.
I need to take a look at it.