openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity
Files
eb7953df7f2265c293783ef096ad96e7fc5d90ff
openshift-docs/modules/virt-about-workload-security.adoc
Jaromir Hradilek bcf009aebe CNV-62649: Updated CNV modules to pass DITA validation
2025-11-18 16:29:25 +01:00

13 lines
769 B
Plaintext
Raw Blame History

// Module included in the following assemblies:
//
// * virt/virt-security-policies.adoc
:_mod-docs-content-type: CONCEPT
[id="virt-about-workload-security_{context}"]
= About workload security
[role="_abstract"]
By default, virtual machine (VM) workloads do not run with root privileges in {VirtProductName}, and there are no supported {VirtProductName} features that require root privileges.
For each VM, a `virt-launcher` pod runs an instance of `libvirt` in _session mode_ to manage the VM process. In session mode, the `libvirt` daemon runs as a non-root user account and only permits connections from clients that are running under the same user identifier (UID). Therefore, VMs run as unprivileged pods, adhering to the security principle of least privilege.
View Git Blame Copy Permalink