On Sat, Feb 8, 2014 at 2:14 PM, Aryeh Friedman <aryeh.fried...@gmail.com>wrote:
>
>
> It sounds almost identical to the qcow2 security issue being discussed on
> qemu-de...@qemu.org recently.   This might be a *HUGE* win for bhyve then
> in considering that it's default format is raw (should ahci-hdd be the
> default?).   devel/qemu (not sure about -dev) uses qcow2 as a default and
> when playing with it on other OS's I found that it seemed to default to
> that also.  It is my understand that most of the open source cloud
> platforms use qcow2 as their default also (I remember this from an attempt
> to install openstack grizzly last summer... I have not checked havana
> though... can any of the freebsd-openstack confirm this?).
>

I don't consider it a huge win because the possibility of using an insecure
device precludes it.  Someone high on the tree bhyve needs to confirm or
deny this otherwise it is unsafe to recommend bhyve or petitecloud.  No
offense intended, I really hope it succeeds and will likely use it if it
does.  I cannot use anything which leaves the host open.  I am also unclear
on how bhyve bypasses GEOM which *should* prevent any of the symptoms
discussed.


-- 
Adam
_______________________________________________
freebsd-virtualization@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to 
"freebsd-virtualization-unsubscr...@freebsd.org"

Reply via email to