Hi, all: In this wiki, http://wiki.openstack.org/Nova/Rootwrap, the part of "security model" results in "This chain ensures that the nova user itself is not in control of the configuration or modules used by the nova-rootwrap executable". I understand that chain but I`m confused with this conclusion. That chain means that a nova-rootwrap executable runs safely under root-control. In another word, the program nova-rootwrap runs is protected by root, and it cannot be influenced by other users. But that conclusion implies that the insecurity model is *nova* user is in control by someone. This is what I'm confused with. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20130111/c6a2da4c/attachment.html>