[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 4/4] Add support for -net bridge

From: Avi Kivity
Subject: Re: [Qemu-devel] [PATCH 4/4] Add support for -net bridge
Date: Sun, 08 Nov 2009 10:55:03 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20091014 Fedora/3.0-2.8.b4.fc11 Thunderbird/3.0b4

On 11/08/2009 10:43 AM, Arnd Bergmann wrote:
btw, shouldn't we, in the general case, create a bridge per user and use
IP NAT?  If we have a global bridge, users can spoof each other's MAC
addresses and interfere with their virtual machines.  They can also
interfere with the real network.

That's not a concern with most one-user-per-machine configurations, but
the default configuration should be safe.
It also depends a lot on what you want to do with the virtual machine.
If you want to run a game or a legacy application in a different operating
system on your desktop, a NATed bridge is ideal, but it does not work
on a server if the guest wants to listen on a socket with its own IP address.

Yes. It also depends on what the system administrator wants you to be able to do. On desktop machines you are usually the system administrator so there is no problem. But we should beware of making it easy to subvert security.

There is also the problem of accidental MAC overlap - qemu uses the same MAC address for all virtual machines unless overridden, so if two users create a virtual machine without specifying MAC addresses they will trample each other. A single user could also have trouble launching two guests; that's not a security problem, but will lead to a lot of annoyance and false bug reports ("networking dies as soon as I launch a second guest").

error compiling committee.c: too many arguments to function

reply via email to

[Prev in Thread] Current Thread [Next in Thread]