bhyve client: who is hosting me?

Marcelo Araujo araujobsdport at gmail.com
Fri May 25 08:07:06 UTC 2018 

2018-05-25 16:05 GMT+08:00 Daniel Braniss <danny at cs.huji.ac.il>:

>
>
> > On 25 May 2018, at 10:02, Darius Mihai <dariusmihaim at gmail.com> wrote:
> >
> > On Fri, May 25, 2018 at 9:08 AM Daniel Braniss <danny at cs.huji.ac.il>
> wrote:
> >
> >> Hi,
> >> I’m trying out bhyve with different setups, but mailny FreeBSD (11.2 and
> > 12), and
> >> was wondering if there is any way for the client to know who is hosting
> > it?
> >
> >> thanks,
> >>         danny
> >
> > Hi,
> >
> > What do you mean 'knowing who is hosting it?'
> > If you mean obtaining information such as IP address or hostname of the
> > host from inside the guest operating system, it should not be possible
> and
> > is likely a security flaw if it were allowed by default.
>
> ok, so not by default, but is there a way?
> i don’t know why this is a security flaw - maybe security by obscurity? in
> any case
> since the client knows that it’s running as a bhive client,
> (hw.hv_vendor), again, if
> this is also a security flaw, it could be set/reset when the client is
> being configured?
>
> thanks,
>         danny
>
>

Maybe you can use virtio-console and bhyve-vm-goagent?

https://github.com/freenas/bhyve-vm-goagent

Best,


> >
> > Operating systems should ideally be unable to determine even that the
> > system is a virtual machine instead of a hardware based host; however
> since
> > bhyve uses VirtIO devices and other virtualization mechanisms due to
> > performance issues you are indeed able to determine that the OS is
> running
> > in a virtual machine. More specific information should be impossible to
> > obtain if not injected by the host (e.g., running a web server on the
> host
> > with some information, adding a virtual block device with a configuration
> > file, and so on).
> >
> > Darius
> >
> >> _______________________________________________
> >> freebsd-virtualization at freebsd.org mailing list
> >> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
> >> To unsubscribe, send any mail to "
> > freebsd-virtualization-unsubscribe at freebsd.org"
>
> _______________________________________________
> freebsd-virtualization at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization
> To unsubscribe, send any mail to "freebsd-virtualization-
> unsubscribe at freebsd.org"
>



-- 

-- 
Marcelo Araujo            (__)araujo at FreeBSD.org
\\\'',)http://www.FreeBSD.org <http://www.freebsd.org/>   \/  \ ^
Power To Server.         .\. /_)

More information about the freebsd-virtualization mailing list