On Sat, Feb 8, 2014 at 3:57 PM, Aryeh Friedman <aryeh.fried...@gmail.com>wrote:

>
>
>
> On Sat, Feb 8, 2014 at 3:54 PM, Adam Vande More <amvandem...@gmail.com>wrote:
>
>>
>> On Sat, Feb 8, 2014 at 2:14 PM, Aryeh Friedman 
>> <aryeh.fried...@gmail.com>wrote:
>>
>>>
>>> It sounds almost identical to the qcow2 security issue being discussed
>>> on qemu-de...@qemu.org recently.   This might be a *HUGE* win for bhyve
>>> then in considering that it's default format is raw (should ahci-hdd be the
>>> default?).   devel/qemu (not sure about -dev) uses qcow2 as a default and
>>> when playing with it on other OS's I found that it seemed to default to
>>> that also.  It is my understand that most of the open source cloud
>>> platforms use qcow2 as their default also (I remember this from an attempt
>>> to install openstack grizzly last summer... I have not checked havana
>>> though... can any of the freebsd-openstack confirm this?).
>>>
>>
>> I don't consider it a huge win because the possibility of using an
>> insecure device precludes it.  Someone high on the tree bhyve needs to
>> confirm or deny this otherwise it is unsafe to recommend bhyve
>> or petitecloud.  No offense intended, I really hope it succeeds and will
>> likely use it if it does.  I cannot use anything which leaves the host
>> open.  I am also unclear on how bhyve bypasses GEOM which *should* prevent
>> any of the symptoms discussed.
>>
>
> The point was that raw has no issue and this is the default for both bhyve
> and petitecloud (to avoid certain list politics I didn't mention it by name
> before).   Sparse is the issue and thus qemu, openstack and cloudstack (as
> well as likely vbox) are a problem.
>
>
I should say in all the sparse format cases I do not consider it a flaw
(per se) that they picked because if your not considering sceurity qcow2 is
a very good format.   If PetiteCloud had not started with bhyve as our
first hypervisor instead of say qemu it is almost certain we would of
fallen into the same trap.   It is easy to over look the obvious also like
for example until this thread I didn't see how image format could effect
security (assuming that it was not crypted of course)


-- 
Aryeh M. Friedman, Lead Developer, http://www.PetiteCloud.org
_______________________________________________
freebsd-virtualization@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
To unsubscribe, send any mail to 
"freebsd-virtualization-unsubscr...@freebsd.org"

Reply via email to