
Context: I own a machine; I trust root and all the accounts. I virtualize untrusted guests using KVM, and don't want them to escape.

When /dev/kvm has the right permissions, non-root users can run KVM guests. Does this bring any security advantages over running guests as root? In case of a qemu or KVM vulnerability, won't malicious guests gain kernel privilege no matter what user is running qemu?

Going further, assuming accounts of the host can't be trusted, is it possible to gain root privileges using /dev/kvm?

punkeel
  • why are you using the [tag:spectre] and [tag:meltdown] tags? This seems to be completely unrelated to these vulnerabilities. – Marcus Müller Aug 05 '20 at 20:44
  • I'm not sure how guest memory is managed by qemu/kvm: is it owned by the user starting qemu? If so, running as root will have different implications due to spectre/meltdown, right? – punkeel Aug 05 '20 at 20:45
  • no, not really? The point of these is that you can get info about memory that you shouldn't be able to get as your user, no matter whether you're root or nobody. – Marcus Müller Aug 05 '20 at 20:56
  • removed the tags, thanks @MarcusMüller – punkeel Aug 05 '20 at 20:57
  • CVE-2020-14364 might be a good example of such a 'qemu/kvm vulnerability' – punkeel Aug 25 '20 at 11:43

0 Answers