Date:      Fri, 25 May 2018 11:05:09 +0300
From:      Daniel Braniss <danny@cs.huji.ac.il>
To:        Darius Mihai <dariusmihaim@gmail.com>
Cc:        freebsd-virtualization@freebsd.org
Subject:   Re: bhyve client: who is hosting me?
Message-ID:  <8B1DEC42-1B40-4957-AEB6-2D9BA019287F@cs.huji.ac.il>
In-Reply-To: <CAPj=67vS8QkTgvYaQpn68Bod-1hsUxT%2BuN4=aZP31GhAH9g8Rw@mail.gmail.com>
References:  <49FCEBE6-5551-42C1-8A9F-5F84ECAD0581@cs.huji.ac.il> <CAPj=67vS8QkTgvYaQpn68Bod-1hsUxT%2BuN4=aZP31GhAH9g8Rw@mail.gmail.com>



> On 25 May 2018, at 10:02, Darius Mihai <dariusmihaim@gmail.com> wrote:
>
> On Fri, May 25, 2018 at 9:08 AM Daniel Braniss <danny@cs.huji.ac.il> wrote:
>
>> Hi,
>> I’m trying out bhyve with different setups, but mainly FreeBSD (11.2 and 12), and
>> was wondering if there is any way for the client to know who is hosting it?
>
>> thanks,
>>         danny
>
> Hi,
>
> What do you mean 'knowing who is hosting it?'
> If you mean obtaining information such as IP address or hostname of the
> host from inside the guest operating system, it should not be possible and
> is likely a security flaw if it were allowed by default.

ok, so not by default, but is there a way?
I don’t know why this is a security flaw - maybe security by obscurity? in any case
since the client knows that it’s running as a bhyve client, (hw.hv_vendor), again, if
this is also a security flaw, it could be set/reset when the client is being configured?

thanks,
	danny
>
> Operating systems should ideally be unable to determine even that the
> system is a virtual machine instead of a hardware based host; however since
> bhyve uses VirtIO devices and other virtualization mechanisms due to
> performance issues you are indeed able to determine that the OS is running
> in a virtual machine. More specific information should be impossible to
> obtain if not injected by the host (e.g., running a web server on the host
> with some information, adding a virtual block device with a configuration
> file, and so on).
>
> Darius

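Added example, not part of the original thread: on x86, FreeBSD fills `hw.hv_vendor` from the 12-byte signature the hypervisor publishes in CPUID leaf 0x40000000 (for bhyve the fixed string "bhyve bhyve "), so the guest learns the hypervisor product and nothing about which host it runs on. The decoder below assumes GCC or Clang's `<cpuid.h>`; the function names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>              /* GCC/Clang CPUID helpers */
#endif

/* CPUID.1:ECX bit 31 is reserved for hypervisors to announce themselves. */
int hv_present(uint32_t leaf1_ecx)
{
    return (int)((leaf1_ecx >> 31) & 1u);
}

/* Leaf 0x40000000 returns a 12-byte signature in EBX, ECX, EDX
 * (little-endian byte order within each register). */
void hv_signature(uint32_t ebx, uint32_t ecx, uint32_t edx, char out[13])
{
    const uint32_t regs[3] = { ebx, ecx, edx };
    for (int r = 0; r < 3; r++)
        for (int b = 0; b < 4; b++)
            out[r * 4 + b] = (char)((regs[r] >> (8 * b)) & 0xffu);
    out[12] = '\0';
}

/* Live probe: 1 and a filled signature under a hypervisor, else 0. */
int hv_probe(char sig[13])
{
#if defined(__x86_64__) || defined(__i386__)
    unsigned int a, b, c, d;
    if (!__get_cpuid(1, &a, &b, &c, &d) || !hv_present(c))
        return 0;
    __cpuid(0x40000000, a, b, c, d);
    hv_signature(b, c, d, sig);
    return 1;
#else
    (void)sig;
    return 0;                   /* not x86: no CPUID instruction */
#endif
}

int main(void)
{
    char sig[13];
    if (hv_probe(sig))
        printf("hypervisor signature: \"%s\"\n", sig);
    else
        puts("no hypervisor bit (bare metal or non-x86)");
    return 0;
}
```

The signature is the same on every host running that hypervisor, which is why anything host-specific has to be injected deliberately, as the quoted reply describes.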


