eric at cloudscaling
Aug 14, 2012, 1:51 PM
Post #26 of 27
Re: [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)
On Tuesday, August 14, 2012 at 16:41 PM, Matt Joyce wrote:
> I get what you are saying. And for the sake of compatibility with other clouds and their images obviously that's the way to go, but my inner nerd is screaming "Well, about that... " and wanting me to rally people to the idea of putting the logic inside the images rather than inside of the cloud. Let init negotiate the api access and produce the filesystems it needs to get booted up properly.
Are we having the same conversation? :-) You were arguing for FUSE, I simply said that particular user-space solution isn't very viable due. Otherwise, I believe you and I agree.
I agree that the approach being taken here isn't ideal. However, I also advocate that if this path is going to be traveled, it should be done in the safest way possible - in userspace, and write-once-read-never, if at all possible. However, I'm not too confident of libguestfs, but I understand why it is attractive in the absence of good userspace filesystem tools. Several have pointed to mtools as one, and I'll also add debug2fs to this list, for those of strong conviction.