Project

General

Profile

Actions

Feature #13764

open

bhyve could reduce privileges(5)

Added by Andy Fiddaman 8 days ago. Updated 4 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Category:
bhyve
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

By default, bhyve(1M) runs as root with all privileges. We could use illumos privileges to reduce this.
(NB: when run in a zone on SmartOS, OmniOS and OpenIndiana, the privileges are already reduced using the brand config, but they could still be reduced further)

Actions #1

Updated by Electric Monk 8 days ago

  • Gerrit CR set to 1454
Actions #2

Updated by Andy Fiddaman 4 days ago

  • Subject changed from bhyve could use privileges(5) to bhyve could reduce privileges(5)
Actions

Also available in: Atom PDF