Feature #13764: bhyve could reduce privileges(5)
Status: Closed
% Done: 100%
Description
By default, bhyve(1M) runs as root with all privileges. We could use illumos privileges to reduce this.
(NB: when run in a zone on SmartOS, OmniOS and OpenIndiana, the privileges are already reduced using the brand config, but they could still be reduced further)
Updated by Andy Fiddaman about 2 years ago
- Subject changed from bhyve could use privileges(5) to bhyve could reduce privileges(5)
Updated by Andy Fiddaman about 2 years ago
- Related to Bug #13788: restart of privilege-aware zone init fails added
Updated by Andy Fiddaman about 2 years ago
This change has been tested on OmniOS with a wide range of guests and combinations of devices and options.
The final version that has been submitted for RTI only drops privileges after all of the setup is done, which minimises the risk of regressions.
Also note that since bhyve branded zones on OmniOS, OpenIndiana and SmartOS already reduce privileges at the zone brand level, there is a lot of experience of running bhyve with reduced privileges on illumos.
Updated by Electric Monk about 2 years ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
git commit 2817ebc2366683391690bbd0e0dd2e82aaa281f7
Author: Andy Fiddaman <omnios@citrus-it.co.uk>
Date: 2021-05-24T18:14:16.000Z

13764 bhyve could reduce privileges(5)
Reviewed by: Robert Mustacchi <rm@fingolfin.org>
Approved by: Dan McDonald <danmcd@joyent.com>
Updated by Andy Fiddaman over 1 year ago
- Related to Bug #14544: bhyve(1M) uses -A in EXAMPLES but doesn't otherwise document it added