Date: Fri, 25 May 2018 16:07:03 +0800 From: Marcelo Araujo <araujobsdport@gmail.com> To: Daniel Braniss <danny@cs.huji.ac.il> Cc: Darius Mihai <dariusmihaim@gmail.com>, freebsd-virtualization@freebsd.org Subject: Re: bhyve client: who is hosting me? Message-ID: <CAOfEmZh_AT-Aq0-c=fAwyjxWgY9CjzSRBO3=H0P1kM-7h925%2Bg@mail.gmail.com> In-Reply-To: <8B1DEC42-1B40-4957-AEB6-2D9BA019287F@cs.huji.ac.il> References: <49FCEBE6-5551-42C1-8A9F-5F84ECAD0581@cs.huji.ac.il> <CAPj=67vS8QkTgvYaQpn68Bod-1hsUxT%2BuN4=aZP31GhAH9g8Rw@mail.gmail.com> <8B1DEC42-1B40-4957-AEB6-2D9BA019287F@cs.huji.ac.il>
next in thread | previous in thread | raw e-mail | index | archive | help
2018-05-25 16:05 GMT+08:00 Daniel Braniss <danny@cs.huji.ac.il>: > > > > On 25 May 2018, at 10:02, Darius Mihai <dariusmihaim@gmail.com> wrote: > > > > On Fri, May 25, 2018 at 9:08 AM Daniel Braniss <danny@cs.huji.ac.il> > wrote: > > > >> Hi, > >> I’m trying out bhyve with different setups, but mailny FreeBSD (11.2 and > > 12), and > >> was wondering if there is any way for the client to know who is hosting > > it? > > > >> thanks, > >> danny > > > > Hi, > > > > What do you mean 'knowing who is hosting it?' > > If you mean obtaining information such as IP address or hostname of the > > host from inside the guest operating system, it should not be possible > and > > is likely a security flaw if it were allowed by default. > > ok, so not by default, but is there a way? > i don’t know why this is a security flaw - maybe security by obscurity? in > any case > since the client knows that it’s running as a bhive client, > (hw.hv_vendor), again, if > this is also a security flaw, it could be set/reset when the client is > being configured? > > thanks, > danny > > Maybe you can use virtio-console and bhyve-vm-goagent? https://github.com/freenas/bhyve-vm-goagent Best, > > > > Operating systems should ideally be unable to determine even that the > > system is a virtual machine instead of a hardware based host; however > since > > bhyve uses VirtIO devices and other virtualization mechanisms due to > > performance issues you are indeed able to determine that the OS is > running > > in a virtual machine. More specific information should be impossible to > > obtain if not injected by the host (e.g., running a web server on the > host > > with some information, adding a virtual block device with a configuration > > file, and so on). > > > > Darius > > > >> _______________________________________________ > >> freebsd-virtualization@freebsd.org mailing list > >> https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > >> To unsubscribe, send any mail to " > > freebsd-virtualization-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-virtualization@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization > To unsubscribe, send any mail to "freebsd-virtualization- > unsubscribe@freebsd.org" > -- -- Marcelo Araujo (__)araujo@FreeBSD.org \\\'',)http://www.FreeBSD.org <http://www.freebsd.org/>; \/ \ ^ Power To Server. .\. /_)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOfEmZh_AT-Aq0-c=fAwyjxWgY9CjzSRBO3=H0P1kM-7h925%2Bg>