Public bug reported: Virtual machines started by libvirt run unconfined. If there is a bug in the hypervisor a guest could potentially attack other guests or the host. Providing an AppArmor profile would help protect against this. As of libvirt 0.6.1, sVirt has been merged and contains all the necessary hooks through a plugin architecture to confine a virtual machine using SELinux. Providing an AppArmor plugin would help increase security and contain virtual machines in Ubuntu.
See http://fedoraproject.org/wiki/Features/SVirt_Mandatory_Access_Control for details. ** Affects: libvirt (Ubuntu) Importance: Wishlist Assignee: Jamie Strandboge (jdstrand) Status: Triaged ** Changed in: libvirt (Ubuntu) Importance: Undecided => Wishlist ** Changed in: libvirt (Ubuntu) Status: New => Triaged ** Changed in: libvirt (Ubuntu) Milestone: None => karmic-alpha-6 ** Changed in: libvirt (Ubuntu) Assignee: (unassigned) => Jamie Strandboge (jdstrand) -- create apparmor security plugin for libvirt https://bugs.launchpad.net/bugs/388422 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
