On Sat, Feb 8, 2014 at 3:54 PM, Adam Vande More <[email protected]>wrote:
> > On Sat, Feb 8, 2014 at 2:14 PM, Aryeh Friedman > <[email protected]>wrote: > >> >> It sounds almost identical to the qcow2 security issue being discussed on >> [email protected] recently. This might be a *HUGE* win for bhyve >> then in considering that it's default format is raw (should ahci-hdd be the >> default?). devel/qemu (not sure about -dev) uses qcow2 as a default and >> when playing with it on other OS's I found that it seemed to default to >> that also. It is my understand that most of the open source cloud >> platforms use qcow2 as their default also (I remember this from an attempt >> to install openstack grizzly last summer... I have not checked havana >> though... can any of the freebsd-openstack confirm this?). >> > > I don't consider it a huge win because the possibility of using an > insecure device precludes it. Someone high on the tree bhyve needs to > confirm or deny this otherwise it is unsafe to recommend bhyve > or petitecloud. No offense intended, I really hope it succeeds and will > likely use it if it does. I cannot use anything which leaves the host > open. I am also unclear on how bhyve bypasses GEOM which *should* prevent > any of the symptoms discussed. > The point was that raw has no issue and this is the default for both bhyve and petitecloud (to avoid certain list politics I didn't mention it by name before). Sparse is the issue and thus qemu, openstack and cloudstack (as well as likely vbox) are a problem. -- Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization To unsubscribe, send any mail to "[email protected]"
