diff options
Diffstat (limited to 'kvmx-shell')
| -rwxr-xr-x | kvmx-shell | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -22,4 +22,14 @@ DIRNAME="`dirname $0`" # Dispatch +# +# WARNING: this is not a restricted shell. By using the "config" action +# one can easilly run arbitrary commands. So assume kvmx-shell is just +# a utility wrapper for kvmx and not a complete isolation sollution. +# +# Assume this shell is as safe as giving /bin/bash access to the user. +# +# You might use `kvmx-restricted-shell` instead of use it as an example to +# build a restricted shell by allowing just a small subset of kvmx commands +# like starting/stopping the guest. $DIRNAME/kvmx shell $USER |