From: Aryeh Friedman
To: Miroslav Lachman <000.fbsd@quip.cz>
Cc: "freebsd-virtualization@freebsd.org"
Date: Thu, 21 Nov 2013 18:16:35 -0500
Subject: Re: VPS / Jail / Bhyve File System isolation

On Wed, Nov 20, 2013 at 1:03 PM, Miroslav Lachman <000.fbsd@quip.cz> wrote:

> Bruno Lauzé wrote:
>
>> Using jails, customers are uncomfortable with the fact documents can be
>> accessed from the host with root access. Project VPS seems to isolate more
>> the guest from the host but not as well as a hypervisor like bhyve. With
>> a hypervisor what the client has is private, as long as the host can
>> manage the disk, delete it, but the information is kept private from the
>> host.
>> Any suggestions how to offer jail, vps, or anything containers techniques
>> with total file system isolation from the host, or the only way is to go
>> hypervisor, with the performance and instances count penalty that goes with
>> it?
>
> There is the same problem with all hypervisors. Nothing prevents
> hypervisor admin to do a snapshot image and mount it as another disk to
> other OS and access the data.
> So nothing is private at this virtualisation level. (without encrypted
> disks)

To make matters worse, many hypervisors (including bhyve) use raw image files (in bhyve's case md(4) mountable ones)
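The point made in this thread, that a raw guest image is readable by whoever holds the file unless the guest encrypts its disk, can be checked from the tenant's side. The following is an added example, not code from the thread or from bhyve: it looks for a UFS superblock magic number in raw image bytes and falls back to an entropy estimate. It assumes the filesystem starts at byte 0 of the image and a little-endian guest; the entropy cut-off and all function names are hypothetical, and the sample images are constructed.

```python
import hashlib
import math
import struct

# UFS superblock offsets and magic numbers from FreeBSD's sys/ufs/ffs/fs.h.
# Assumes the filesystem starts at byte 0 of the image and a little-endian guest.
UFS_MAGIC_FIELD = 1372  # offset of fs_magic within the superblock
UFS_VARIANTS = {"UFS1": (8192, 0x00011954), "UFS2": (65536, 0x19540119)}
ENTROPY_CUTOFF = 7.5    # assumed threshold, bits per byte


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte."""
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    total = len(data) or 1
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def classify(image: bytes) -> str:
    """Report what the raw image bytes reveal to whoever holds the file."""
    for name, (sb_offset, magic) in UFS_VARIANTS.items():
        pos = sb_offset + UFS_MAGIC_FIELD
        if len(image) >= pos + 4 and struct.unpack_from("<I", image, pos)[0] == magic:
            return f"plaintext {name}"
    return "opaque" if entropy(image) >= ENTROPY_CUTOFF else "unrecognized plaintext"


def constructed_plain_image() -> bytes:
    """Constructed sample: zero-filled 128 KiB with only the UFS2 magic set."""
    image = bytearray(128 * 1024)
    struct.pack_into("<I", image, 65536 + UFS_MAGIC_FIELD, 0x19540119)
    return bytes(image)


def constructed_opaque_image() -> bytes:
    """Constructed sample: 128 KiB of hash output standing in for ciphertext."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(4096))
    return b"".join(blocks)


if __name__ == "__main__":
    for label, img in (("plain", constructed_plain_image()),
                       ("opaque", constructed_opaque_image())):
        print(label, "->", classify(img))
```

An "opaque" result only means the bytes look random and carry no UFS signature at the assumed offsets; it does not prove the disk is encrypted.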