On Mon April 24 2006 01:02, Oliver Welter wrote: > Hi Folks, > > this might be a strange question for some of you as it is more an > academical interesst, but I hope you can help me out ;) > > Q: Is there a way to prevent that a superuser on the host system can > > * see process of a guest > * enter a guest > * receive any other valuable info from the guest > > The idea behind is easy - I want to give away a guest system that uses > an encrypted filesystem for its sensible data. The guest system itsself > will provide only very limited access to the data via an API and it must > be prevented by any means that even the "Bofh" of the host can access > any of the data.... > > So, is there any way to do this ? I guess that SELinux/GR will offer > some pointers to forbid root these actions, but are there any "easier" > ways ?? > Sounds like SELinux is the tool of choice for that.
Mike > Oliver _______________________________________________ Vserver mailing list [email protected] http://list.linux-vserver.org/mailman/listinfo/vserver
