cloud-hypervisor

mirror of https://github.com/cloud-hypervisor/cloud-hypervisor.git synced 2024-08-20 06:51:15 +00:00

History

Sergio Lopez 6aab0a5458 vhost_user_fs: Implement support for optional sandboxing Implement support for setting up a sandbox for running the service. The technique for this has been borrowed from virtiofsd, and consists on switching to new PID, mount and network namespaces, and then switching root to the directory to be shared. Future patches will implement additional hardening features like dropping capabilities and seccomp filters. Signed-off-by: Sergio Lopez <slp@redhat.com>	2020-05-14 17:16:23 +02:00
..
src	vhost_user_fs: Implement support for optional sandboxing	2020-05-14 17:16:23 +02:00
Cargo.toml	vhost_user_fs: Implement support for optional sandboxing	2020-05-14 17:16:23 +02:00

Sergio Lopez 6aab0a5458 vhost_user_fs: Implement support for optional sandboxing

Implement support for setting up a sandbox for running the
service. The technique for this has been borrowed from virtiofsd, and
consists on switching to new PID, mount and network namespaces, and
then switching root to the directory to be shared.

Future patches will implement additional hardening features like
dropping capabilities and seccomp filters.

Signed-off-by: Sergio Lopez <slp@redhat.com>

2020-05-14 17:16:23 +02:00

src

vhost_user_fs: Implement support for optional sandboxing

2020-05-14 17:16:23 +02:00

Cargo.toml

vhost_user_fs: Implement support for optional sandboxing

2020-05-14 17:16:23 +02:00