[Openstack] [OSSA 2012-011] Compute node filesystem injection/corruption (CVE-2012-3447)

Eric Windisch eric at cloudscaling.com
Wed Aug 8 17:57:12 UTC 2012


> 
> I think the first step is to make sure that a filesystem that the guest
> touched never gets used by the host again, not doing so is just way to
> much of a security risk.
> 
> Second there are lots of options to create filesystem entirely in
> userspace with contents that can later be written to:
> 
> Especially udf is a very interesting options as just about any modern
> operating system supports it. The same is true for vfat, but vfat is
> fairly limiting for many use cases.


Agreed on all points. 

> 
> Why do we ever read a filesystem touched by a guest in the host?
I believe this is more of reading filesystems that were uploaded by users into glance. However, it is essentially the same thing.

I don't think we need to do this and don't think we should do this. Clearly, however, someone somewhere, at some point, thought they wanted this.

Regards,
Eric Windisch







More information about the Openstack mailing list