Report of my virtual network lab migrated from virtualbox to bhyve
Adam Vande More
amvandemore at gmail.com
Sat Feb 8 20:54:26 UTC 2014
On Sat, Feb 8, 2014 at 2:14 PM, Aryeh Friedman <aryeh.friedman at gmail.com>wrote:
>
>
> It sounds almost identical to the qcow2 security issue being discussed on
> qemu-devel at qemu.org recently. This might be a *HUGE* win for bhyve then
> in considering that it's default format is raw (should ahci-hdd be the
> default?). devel/qemu (not sure about -dev) uses qcow2 as a default and
> when playing with it on other OS's I found that it seemed to default to
> that also. It is my understand that most of the open source cloud
> platforms use qcow2 as their default also (I remember this from an attempt
> to install openstack grizzly last summer... I have not checked havana
> though... can any of the freebsd-openstack confirm this?).
>
I don't consider it a huge win because the possibility of using an insecure
device precludes it. Someone high on the tree bhyve needs to confirm or
deny this otherwise it is unsafe to recommend bhyve or petitecloud. No
offense intended, I really hope it succeeds and will likely use it if it
does. I cannot use anything which leaves the host open. I am also unclear
on how bhyve bypasses GEOM which *should* prevent any of the symptoms
discussed.
--
Adam
More information about the freebsd-virtualization
mailing list