[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Running untrusted code as root in a `guix system vm`?
From: |
Simon Tournier |
Subject: |
Re: Running untrusted code as root in a `guix system vm`? |
Date: |
Thu, 15 Feb 2024 17:56:09 +0100 |
Hi,
On ven., 29 déc. 2023 at 23:40, Ben Weinstein-Raun <root@benwr.net> wrote:
> I'm considering running some software inside a VM created using `guix
> system vm`. The easiest thing to do would be to run the virtualized
> software as root. Normally I wouldn't think twice about that, but iiuc
> the guest will have the host's /store mounted. Am I right that this
> should make me nervous about running untrusted things as root in the VM?
> Or is there some trick by which a root process in the VM is prevented
> from destructively changing /store?
What do you mean by “destructively changing /store”?
Cheers,
simon
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: Running untrusted code as root in a `guix system vm`?,
Simon Tournier <=