On Fri, Nov 21, 2008 at 9:51 AM, Dietmar Maurer <[EMAIL PROTECTED]> wrote: >> Whithout having gone through the docs I'm curious as to what kind of >> protocol it uses to talk to the remote VZ hosts. > > https and VNC
It uses HTTPS to issue commands to the VZ nodes in the cluster? Really? >> Can you talk a little about the security of the model used by Proxmox? >> Can I, on the client VZ HNs managed by Proxmox, limit what commands >> Proxmox can execute? (important in the case that my Proxmox server >> gets compromised) > > Not sure if I understand your question. If someone gets root access to > the HOST you have a real problem. But that's true for any unix system. Yes, I know that a compromise is a real problem. It's always a real problem. Hence the need for mitigation measures. If a regular server is compromised, that is one server. What I am asking is what happens if my Proxmox server gets compromised? How does it talk to the VZ HNs that it is controlling? Is it SSH running shell commands? Or does each VZ HN have to run some sort of daemon that listens for commands from the Proxmox server? Or what? The web site says Proxmox uses kernel 2.6.24, which AFAIK isn't deemed as stable by the OpenVZ kernel team. Has 2.6.24 with the OpenVZ patch been tested much? Thank you, Roberto _______________________________________________ Users mailing list [email protected] https://openvz.org/mailman/listinfo/users
