I think the best option is to run every KVM as another user and chown
the /var/lib/vz/images/VMID/ directory to that user.
There will be vulnerabilities at any time and the best option is to
just use other users to prevent execution of code on the host or
modify other vms(read data).
Best regards
Henry Spanka
--
Fügen Sie uns in die Liste "vertrauenswürdiger Absender" hinzu.
If you have any further questions, please let us know.
Mit freundlichen Grüßen / With best regards
myVirtualserver.de | Development Team
Henry Spanka
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
