OpenVZ and rootkits [message #42786] |
Fri, 27 May 2011 18:11 |
curtis_isparks
Messages: 14 Registered: April 2011
|
Junior Member |
|
|
Because OpenVZ does not have a hypervisor layer (where guests run their own kernel), it does make me wonder about security. Does it still provide protection for the HN against most rootkits that might be run inside a container? In other words, do rootkits that have no knowledge that they are being run inside a container also cause problems for the HN? Are there rootkits that are built specifically to break out of OpenVZ containers?
Thanks,
Curtis
|
|
|
|
|
Re: OpenVZ and rootkits [message #42834 is a reply to message #42792] |
Fri, 03 June 2011 18:14 |
curtis_isparks
Messages: 14 Registered: April 2011
|
Junior Member |
|
|
dzimi wrote on Sun, 29 May 2011 07:44Argh!! ( You cannot use links until you have posted more than 10 messages. )
openvz.livejournal.com/37305.html
read it. OWL patches would like to help you
Thanks for the suggestion, dzimi. It looks, however, that to use OWL, it acts as the host node OS, and I'm using Proxmox as my host OS.
Oh well, I am going to try asking this question another way, since this thread did not draw much response.
Curtis
|
|
|