[openstack-dev] [nova] Libguestfs: possibility not to use it, even when installed ?

Raphael Glon raphael.glon at ovh.net
Mon Feb 23 10:52:29 UTC 2015


On 02/23/2015 11:23 AM, Daniel P. Berrange wrote:
> The alternative Nova implementation is*not*  using fuse, it is using real
> mounts on the host FS. This is not a potential issue, it is an*actual*
> issue. There have been bugs in Linux filesystem drivers, including ext4,
> that would have allowed a malicous kernel image to crash and/or exploit
> the host kernel if mounted.
>
>    http://libguestfs.org/guestfs.3.html#security-of-mounting-filesystems

Ok noted -> so why is losetup or qemu-nbd still proposed by nova and 
still the default method ?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150223/9095ca0f/attachment.html>


More information about the OpenStack-dev mailing list