[Users] Announcement: Proxmox Virtual Environment 1.0 - Firststable release

Roberto Mello roberto.mello at gmail.com
Fri Nov 21 12:11:03 EST 2008


On Fri, Nov 21, 2008 at 9:51 AM, Dietmar Maurer <dietmar at proxmox.com> wrote:
>> Whithout having gone through the docs I'm curious as to what kind of
>> protocol it uses to talk to the remote VZ hosts.
>
> https and VNC

It uses HTTPS to issue commands to the VZ nodes in the cluster? Really?

>> Can you talk a little about the security of the model used by Proxmox?
>> Can I, on the client VZ HNs managed by Proxmox, limit what commands
>> Proxmox can execute? (important in the case that my Proxmox server
>> gets compromised)
>
> Not sure if I understand your question. If someone gets root access to
> the HOST you have a real problem. But that's true for any unix system.

Yes, I know that a compromise is a real problem. It's always a real
problem. Hence the need for mitigation measures.

If a regular server is compromised, that is one server. What I am
asking is what happens if my Proxmox server gets compromised? How does
it talk to the VZ HNs that it is controlling? Is it SSH running shell
commands? Or does each VZ HN have to run some sort of daemon that
listens for commands from the Proxmox server? Or what?

The web site says Proxmox uses kernel 2.6.24, which AFAIK isn't deemed
as stable by the OpenVZ kernel team. Has 2.6.24 with the OpenVZ patch
been tested much?

Thank you,

Roberto


More information about the Users mailing list