[Virtio-fs] SELinux support in virtio-fs

Stefan Hajnoczi stefanha at redhat.com
Mon Feb 10 16:06:39 UTC 2020


Hi Dan,
I've CCed the public virtio-fs mailing list because SELinux support in
virtio-fs has been asked about recently.

It's time to figure out what level of SELinux support will be available
in virtio-fs.  The file system client shares most of its code with FUSE
and SELinux labels on files are currently not supported in FUSE.

It would be possible to pass through extended attributes to the
virtiofsd daemon running on the host.  However, passing through xattrs
allows the client to relabel files on the host file system and this
could pose a security problem.  virtiofsd already allows the client to
set the uid/gid and permissions, but is passing through SELinux xattrs a
bad idea?

virtiofsd is in a position to mangle extended attribute names
("security.selinux" -> "virtiofs.security.selinux") in order to separate
guest SELinux labels from host SELinux labels.

As someone who knows very little about SELinux I'm eager to hear what
you think would be a good approach.  Secure containers (e.g. Kata
Containers) are an important use case but virtio-fs can also be used as
the root file system for a guest (a scenario where full SELinux support
is needed).

Thanks,
Stefan
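As an added illustration of the name-mangling idea in the message above (example code, not part of Stefan's mail and not virtiofsd's own implementation), the following Python models the remap between the guest's xattr names and the host's. The `virtiofs.` prefix is the one the message mentions; everything else is an assumption made for the illustration: the rule that refuses guest names already carrying that prefix, the in-memory stand-in for a host file, and the constructed sample labels.

```python
"""Model of the xattr name mangling sketched in the message above.

The guest's "security.*" names are rewritten to "virtiofs.security.*" on
the host, so a guest SELinux label lives in "virtiofs.security.selinux"
and can never overwrite the host's own "security.selinux".  Added example,
not virtiofsd code: the "virtiofs." prefix is the one the message mentions;
the refusal rule, the in-memory "host file" and the sample labels are
assumptions made for illustration.
"""
from typing import Dict, List, Optional

GUEST_NS = "security."      # namespace the guest must never reach unmangled
HOST_PREFIX = "virtiofs."   # mangling prefix taken from the message


class XattrPolicyError(ValueError):
    """Raised when a guest-supplied xattr name is refused outright."""


def guest_to_host(name: str) -> str:
    """Translate an xattr name supplied by the guest into the host name.

    security.*  -> virtiofs.security.*  (guest labels kept apart from host labels)
    virtiofs.*  -> refused               (assumption: stops the guest from aliasing
                                          the mangled namespace by naming it directly)
    anything else is passed through unchanged.
    """
    if name.startswith(HOST_PREFIX):
        raise XattrPolicyError(f"guest may not use reserved prefix {HOST_PREFIX!r}: {name!r}")
    if name.startswith(GUEST_NS):
        return HOST_PREFIX + name
    return name


def host_to_guest(name: str) -> Optional[str]:
    """Translate a host xattr name into what the guest sees, or None to hide it.

    virtiofs.security.* -> security.*   (the guest's own labels)
    security.*          -> hidden       (host labels are not exposed to the guest)
    anything else is passed through unchanged.
    """
    if name.startswith(HOST_PREFIX + GUEST_NS):
        return name[len(HOST_PREFIX):]
    if name.startswith(GUEST_NS):
        return None
    return name


class HostFile:
    """In-memory stand-in for one host file's xattrs, accessed through the policy."""

    def __init__(self, host_xattrs: Dict[str, str]) -> None:
        self.xattrs = dict(host_xattrs)

    def guest_setxattr(self, name: str, value: str) -> None:
        self.xattrs[guest_to_host(name)] = value

    def guest_getxattr(self, name: str) -> Optional[str]:
        return self.xattrs.get(guest_to_host(name))

    def guest_listxattr(self) -> List[str]:
        visible = (host_to_guest(n) for n in self.xattrs)
        return sorted(n for n in visible if n is not None)


if __name__ == "__main__":
    # Constructed sample labels, not real policy contexts.
    f = HostFile({"security.selinux": "host_u:object_r:host_file_t:s0",
                  "user.comment": "hello"})
    f.guest_setxattr("security.selinux", "guest_u:object_r:guest_file_t:s0")
    print(f.xattrs)             # host label untouched; guest label under virtiofs.security.selinux
    print(f.guest_listxattr())  # ['security.selinux', 'user.comment']
```

With this mapping there is no guest-supplied name that `guest_to_host` turns into the host's `security.selinux`, and the host's own label never appears in the guest's listing, so the guest cannot relabel host files or read host contexts through the daemon. It does not answer the broader question the message raises, namely whether letting the guest set its own labels at all is acceptable in a given deployment.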