container/VM memory hostside

Top Page
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: der.hans
To: quatsch
Subject: container/VM memory hostside
moin moin,

I presume that if you run a container or VM as you on your system you can
make a copy of its memory from the host system.

If you run it as root, is root the only user ( outside of escalation
exploits ) that has access to the memory?

If you run it as a 3rd party, e.g. myvmuser, then only that user and root
can inspect the memory from the host side?

I'm contemplating the security implications of running a security or
privacy process ( password manager, keyserver, etc. ) in a containerized
or VM environment rather than just running it as an application on the

Security and privacy processes try to lock down the memory on the host
system, but when the OS is in a sub-process you can dump the entire

In this particular case, I'm not worried about something escaping the
hosted system, rather I'm concerned about what can spy on the hosted


# I'm not anti-social, I'm pro-individual. - der.hans
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings: