Message-ID: <528CF986.2000003@quip.cz>
Date: Wed, 20 Nov 2013 19:03:50 +0100
From: Miroslav Lachman <000.fbsd@quip.cz>
To: Bruno Lauzé
Cc: "freebsd-virtualization@freebsd.org"
Subject: Re: VPS / Jail / Bhyve File System isolation
List-Id: "Discussion of various virtualization techniques FreeBSD supports."

Bruno Lauzé wrote:
>
> Using jails, customers are uncomfortable with the fact that documents can be accessed from the host with root access. Project VPS seems to isolate the guest from the host more, but not as well as a hypervisor like bhyve. With a hypervisor, what the client has is private, as long as the host can manage the disk, delete it, but the information is kept private from the host.
> Any suggestions on how to offer jail, VPS, or any container technique with total file system isolation from the host, or is the only way to go hypervisor, with the performance and instance-count penalty that goes with it?

There is the same problem with all hypervisors. Nothing prevents the hypervisor admin from taking a snapshot image, mounting it as another disk in another OS, and accessing the data.
So nothing is private at this virtualisation level (without encrypted disks).

Miroslav Lachman