On 01/15/2014 11:25 PM, Clint Byrum wrote:
Excerpts from Alan Kavanagh's message of 2014-01-15 19:11:03 -0800:
Hi Paul
I posted a query to Ironic which is related to this discussion. My thinking was I want to
ensure the case you note here (1) " a tenant can not read another tenants
disk......" the next (2) was where in Ironic you provision a baremetal server that
has an onboard dish as part of the blade provisioned to a given tenant-A. then when
tenant-A finishes his baremetal blade lease and that blade comes back into the pool and
tenant-B comes along, I was asking what open source tools guarantee data destruction so
that no ghost images or file retrieval is possible?
Is that really a path worth going down, given that tenant-A could just
drop evil firmware in any number of places, and thus all tenants afterward
are owned anyway?
Ooh, nice one! :)
I suppose the provider could flash to known-good firmware for all
firmware on the device in between leases.
Chris
_______________________________________________
OpenStack-dev mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
