[Users] Security risks in ve_allow_kthreads
Kirill Korotaev
dev at sw.ru
Wed Jan 9 02:54:57 EST 2008
Jakob Goldbach wrote:
> Hi,
>
> What securiy risks do I impose on myself when enabling kernel threads
> inside the VE ?
1. if kernel thread doesn't terminate on VE stop - VE stop will be blocked.
2. security implications can be that kernel threads usually can do things
which user space applications can't. So security implications depend
on what thread in question does.
3. if your system is quite trusted (2) is not an issue at all.
only (1) must be concerned.
Kirill
More information about the Users
mailing list