next up previous
Next: Applications Up: Shared subsystems Previous: Shared subsystems

Security considerations

For multiple virtual machines to share a subsystem which enforces some kind of security, they must also share a security domain. In particular, for a shared filesystem, the virtual machines must also share user ids and group ids. Since users of virtual machines will commonly have root access, a set of UMLs that share a read-write filesystem must be mutually trusting. Otherwise, a root user in one machine could destroy data in the shared filesystem that was written by one of the other virtual machines.



Jeff Dike 2001-09-15