From: Eitan Adler
Date: Wed, 20 Nov 2013 21:48:06 -0500
Subject: Re: VPS / Jail / Bhyve File System isolation
To: Bruno Lauzé
Cc: "freebsd-virtualization@freebsd.org"

On Wed, Nov 20, 2013 at 12:55 PM, Bruno Lauzé wrote:
>
> Using jails, customers are uncomfortable with the fact documents can be
> accessed from the host with root access. Project VPS seems to isolate more
> the guest from the host but not as well as a hypervisor like bhyve. With a
> hypervisor what the client has is private, as long as the host can manage
> the disk, delete it, but the information is kept private from the host.
> Any suggestions how to offer jail, vps, or anything containers techniques
> with total file system isolation from the host, or the only way is to go
> hypervisor, with the performance and instances count penalty that goes with
> it?

Untrusted hypervisors is an active area of academic research.
However, any such scheme requires additional hardware support. If you
are interested I can give you some papers to look at.

-- 
Eitan Adler