{"id":"rhel9-dual-workload-isolation-platform","text":"RHEL 9 provides dual workload isolation with distinct security models: virtual machines via the managed KVM/QEMU/libvirt stack with Cockpit web management and hardware-level isolation, and containers via Podman with MCS-enforced category-based separation where each container receives unique SELinux categories enforced after DAC and Type Enforcement.","truth_value":"IN","source":"","source_url":"","source_hash":"","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"rhel9-dual-workload-isolation-platform","truth_value":"IN","reason":"premise"}]}}