Least Privilege for xVM [PSARC/2008/289 FastTrack timeout 05/06/2008]
John Levon
john.levon at sun.com
Fri May 2 10:19:37 PDT 2008
On Tue, Apr 29, 2008 at 07:31:59AM -0700, Darren J Moffat wrote:
> 4.12. Future work
>
> The privileges defined in this case are relatively coarse-grained.
> Over time, we expect the privilege boundaries to be decomposed
> further to improve the security surface of the control daemons.
>
> virt-install(1m) will still require all privileges due to its use
> of lofiadm(1). A forthcoming case will modify this requirement.
This is:
PSARC/2008/290 lofi mount
Can you update the materials to reference this case?
thanks
john
More information about the opensolaris-arc
mailing list