Below is a copy of an answer I gave in some other thread ( Would VMs running inside virtual machines be a more secure way to study viruses, etc.? ) on a nested-virtualization security topic. I would like to know whether my answer was right or wrong. I would like to know whether paravirtualized drivers are actually a security risk and whether SELinux (as sVirt) can do anything about it.
Me: (this was in mid-2012, before good nested-virtualization support)
You can run a VM inside a VM, but you probably won't be able to use hardware virtualization. It should still work though, but you will probably have to use different hypervisors (example: VirtualBox for the first VM, VMware for the second). I think this is unnecessary and insecure. RHEL and Fedora (and maybe others) have built-in support for running KVM and using SELinux to restrict the VM process on the host. SELinux provides ample protection, but not against paravirtualized driver vulnerabilities. For maximum security, do not use paravirtualized drivers.
X:
not in citation given - nothing I could find suggests that SELinux is ineffective when paravirtualized drivers are in use on KVM, and a quick Google search didn't turn up anything either. Do you have a source for this?
More than 2 years have passed
Me:
I think the last part was my own idea and there is no other source. IMO, paravirtualized drivers are not subject to SELinux security controls because SELinux controls userspace processes, files, etc. I think paravirtualized drivers work by direct communication between the guest kernel and the hypervisor, which results in superior performance, but exposes a part of the hypervisor to the guest that would otherwise be unreachable. I have no evidence for this, so I could be completely wrong.
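The two things the thread argues about can both be checked on a KVM host: whether sVirt has actually confined the guest's QEMU process (type svirt_t plus a per-guest MCS category in `ps -eZ`), and which guest devices are paravirtualized (virtio in `virsh dumpxml`). The script below is an added example, not code from the thread or from libvirt; the `ps -eZ` text and the domain XML it parses are constructed samples, and the QEMU command name `qemu-kvm` is an assumption (it differs between distributions). On a real host you would pipe in the live output of those two commands instead.

```python
"""Report sVirt confinement of a guest's QEMU process and list the
guest's virtio (paravirtualized) devices. Added example; inputs are
constructed samples shaped like `ps -eZ` and `virsh dumpxml` output."""
import xml.etree.ElementTree as ET

# Constructed sample of `ps -eZ`: sVirt gives each guest its own MCS
# category pair (c123,c456 here), and libvirtd runs in virtd_t.
SAMPLE_PS = """\
LABEL                                      PID TTY      TIME     CMD
system_u:system_r:svirt_t:s0:c123,c456     2345 ?   00:01:12 qemu-kvm
system_u:system_r:virtd_t:s0-s0:c0.c1023   1200 ?   00:00:03 libvirtd
"""

# Constructed sample domain XML: two virtio devices plus a virtio
# balloon, and one fully emulated IDE CD-ROM for contrast.
SAMPLE_XML = """\
<domain type='kvm'>
  <name>lab-guest</name>
  <devices>
    <disk type='file' device='disk'>
      <source file='/var/lib/libvirt/images/lab-guest.qcow2'/>
      <target dev='vda' bus='virtio'/>
    </disk>
    <disk type='file' device='cdrom'>
      <target dev='hda' bus='ide'/>
    </disk>
    <interface type='network'>
      <model type='virtio'/>
    </interface>
    <memballoon model='virtio'/>
  </devices>
</domain>
"""


def parse_ps_labels(ps_output):
    """Map each command name in `ps -eZ` text to its SELinux context.
    The level field may itself contain ':' (s0:c123,c456), so the
    label is split into at most four parts."""
    contexts = {}
    for line in ps_output.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        user, role, typ, level = fields[0].split(":", 3)
        contexts[fields[-1]] = {"user": user, "role": role,
                                "type": typ, "level": level}
    return contexts


def is_svirt_confined(ctx):
    """True only for svirt_t with a per-guest MCS category; svirt_t
    without a category would not separate one guest's image files
    from another's."""
    return ctx["type"] == "svirt_t" and ":c" in ctx["level"]


def virtio_devices(domain_xml):
    """Return (element, identifier) for every virtio device in a libvirt
    domain definition: disks by target bus, NICs by model type, and
    devices such as memballoon by their own model attribute."""
    found = []
    for dev in ET.fromstring(domain_xml).find("devices"):
        target, model = dev.find("target"), dev.find("model")
        if target is not None and target.get("bus") == "virtio":
            found.append((dev.tag, target.get("dev")))
        elif model is not None and model.get("type") == "virtio":
            found.append((dev.tag, model.get("type")))
        elif dev.get("model") == "virtio":
            found.append((dev.tag, dev.get("model")))
    return found


def assess(ps_output, domain_xml, qemu_cmd="qemu-kvm"):
    """Combine both checks into one report for the given guest process."""
    ctx = parse_ps_labels(ps_output).get(qemu_cmd)
    return {
        "confined": ctx is not None and is_svirt_confined(ctx),
        "level": ctx["level"] if ctx else None,
        "virtio": virtio_devices(domain_xml),
    }


if __name__ == "__main__":
    report = assess(SAMPLE_PS, SAMPLE_XML)
    print("QEMU sVirt-confined:", report["confined"], "level:", report["level"])
    for tag, ident in report["virtio"]:
        print("virtio device:", tag, ident)
```

The label check matters because, on KVM, the virtio device back-ends normally live inside that QEMU process (vhost back-ends in the host kernel are the exception), so the svirt_t label and MCS category are what bound a compromised back-end on the host side; the device list tells you how many such guest-facing interfaces a given domain actually has.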