On Thu, Dec 12, 2019 at 04:38:09PM +0000, Dr. David Alan Gilbert (git) wrote:
> From: Stefan Hajnoczi <stefa...@redhat.com>
>
> virtiofsd needs access to /proc/self/fd. Let's move to a new pid
> namespace so that a compromised process cannot see other
> processes running on the system.
>
> One wrinkle in this approach: unshare(CLONE_NEWPID) affects *child*
> processes and not the current process. Therefore we need to fork the
> pid 1 process that will actually run virtiofsd and leave a parent in
> waitpid(2). This is not the same thing as daemonization and parent
> processes should not notice a difference.
>
> Signed-off-by: Stefan Hajnoczi <stefa...@redhat.com>
> ---
> tools/virtiofsd/passthrough_ll.c | 134 ++++++++++++++++++++-----------
> 1 file changed, 86 insertions(+), 48 deletions(-)

Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>

Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
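
The wrinkle described in the quoted commit message, as an added example (not code from the patch or from virtiofsd): after `unshare(CLONE_NEWPID)` the caller keeps its pid, the first forked child becomes pid 1 of the new namespace, and the parent stays behind in `waitpid(2)`. The name `run_in_new_pidns` is hypothetical, and the call needs CAP_SYS_ADMIN, so the function reports `-errno` when the kernel refuses it.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Hypothetical helper, not taken from passthrough_ll.c.
 * Returns 1 if the forked child saw itself as pid 1, 0 if it did not,
 * or -errno if unshare(), fork() or waitpid() failed (for example
 * -EPERM when the caller lacks CAP_SYS_ADMIN).
 */
int run_in_new_pidns(void)
{
    pid_t before = getpid();
    pid_t child, w;
    int status;

    if (unshare(CLONE_NEWPID) == -1)
        return -errno;
    /* The caller has not moved: only children created from now on do. */
    if (getpid() != before)
        return -EINVAL;

    child = fork();
    if (child == -1)
        return -errno;
    if (child == 0)
        _exit(getpid() == 1 ? 0 : 1); /* first child is pid 1 in the new ns */

    /* Parent stays in the old namespace and only waits for pid 1. */
    do {
        w = waitpid(child, &status, 0);
    } while (w == -1 && errno == EINTR);
    if (w == -1)
        return -errno;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 1 : 0;
}

int main(void)
{
    int r = run_in_new_pidns();
    if (r < 0) {
        fprintf(stderr, "new pid namespace unavailable: %s\n", strerror(-r));
        return 1;
    }
    printf("child was pid 1 in its namespace: %s\n", r ? "yes" : "no");
    return r == 1 ? 0 : 1;
}
```

Once that pid 1 child exits, the kernel tears the namespace down and further `fork()` calls from the same parent fail, so the helper is meant to be called once per process.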