* don't let network services mmap (or even open!) random executables through mandatory access control (SELinux)
It's always a matter of increasing attacker cost. I am not sure that attacking QEMU, then finding a privilege escalation on the host that can break out of SELinux is much easier than just staying in the VM, hopping…
How do you get the source to the LGPL components?
Last January [1] there was a report of Veertu violating QEMU's GPL license. There seem to be quite a few users in this thread, could anyone confirm them? [1]…
* don't let network services mmap (or even open!) random executables through mandatory access control (SELinux)
It's always a matter of increasing attacker cost. I am not sure that attacking QEMU, then finding a privilege escalation on the host that can break out of SELinux is much easier than just staying in the VM, hopping…
How do you get the source to the LGPL components?
Last January [1] there was a report of Veertu violating QEMU's GPL license. There seem to be quite a few users in this thread, could anyone confirm them? [1]…