摘要 |
A file access control device and a control method in a virtual environment are disclosed. Embodiments of the present invention relate to a technique capable of increasing security and efficiency in a OS-level virtualization environment by effectively resolving security weak points that can occur due to a program, operated in an execution environment of a virtual operating system which is the virtual environment, allowing to access/refer files managed in the execution environment of a host operating system for compatibility. [Reference numerals] (AA) Start; (BB) End; (S100) Initialize an execution environment of a virtual operating system; (S110) Generate an access permission list and storage state unique information by file; (S120) Operate a system in the execution environment of the virtual operating system; (S130) Try to access a specific file; (S140) Exit in the access permission list?; (S150) Current storage state = Storage state of the storage state unique information ?; (S160) Allow access; (S170) Do not allow access |