[00:09] <smoser> alexpilotti, is correct. 'dd if=/dev/zero' is better than 'rm $MOUNTPOINT/*'
[00:10] <alexpilotti> smoser: not sure what you meant :-)
[00:11] <alexpilotti> smoser: in the meantime: libarchive compiled, looks promising
[00:27] <smoser> alexpilotti, in your response to yjiang5
[00:27] <smoser> most certainly, vfat is better from a data security perspective
[00:27] <smoser> than iso.
[00:27] <alexpilotti> smoser: why? what’s the difference in wiping with dd a raw hdd containing iso vs vfat?
[00:27] <smoser> as why would you 'rm *' when you can 'dd if=/dev/zero of=/dev/by-label/CONFIG_DRIVE'
[00:28] <smoser> vfat is *no* better
[00:28] <smoser> (that was an important word to miss :)
[00:28] <smoser> ie, i agree with " well, you could wipe an ISO raw hdd as well" completely
[00:28] <smoser> which is actually an argument against CDROM
[00:29] <smoser> unless you were going to attach a cdrw
[00:29] <alexpilotti> smoser: on that point, I agree
[00:29] <alexpilotti> smoser: but, metadata are no secure means
[00:30] <alexpilotti> so giving the message that you can secure a clear-text config drive just because your attacker is not fast enough is IMO absolutely wrong
[00:30] <alexpilotti> especially if somebody pretends to put passwords in there
[00:31] <alexpilotti> my 2c are that natural selection should take its toll in such cases ;-)
[00:32] <alexpilotti> anyway, if your suggestion with libarchive works fine, my concerns for not using a raw hdd disappear
[00:32] <alexpilotti> and we already agree on ISO, from what I got so far
[00:35] <smoser> alexpilotti, your attacker does not have access to your system before you have config drive wiped.
[00:35] <smoser> if he does, then all bets are off.
[00:35] <smoser> ie, if he's rooted you before rc.local is run, you are completely SOL
[00:36] <smoser> i think we can manage to secure things to that point :)
[00:36] <alexpilotti> smoser: what about faulty heat templates for example?
[00:37] <alexpilotti> beside that, we also don’t have that advantage on Windows
[00:37] <smoser> you're suggesting that my system is rooted before its booted.
[00:38] <alexpilotti> while it boots
[00:38] <alexpilotti> I guess you’re going to do something with those metadata :-)
[00:39] <alexpilotti> true that you can wipe them off before starting any activity
[00:39] <alexpilotti> this mitigates a bit more
[00:40] <alexpilotti> this precludes anyway executing specific plugins at each boot
[00:41] <alexpilotti> unless you plan to store the metadata somewhere, but then we’re at the starting point
[00:41] <alexpilotti> you could use some symmetric encryption
[00:41] <alexpilotti> not safe anyway
[00:43] <smoser> alexpilotti, yeah, actually you're right.
[00:43] <smoser> the attacker can't read /dev/sdb without root
[00:44] <smoser> and once they have root, well, you lose
[00:44] <smoser> and if they had exploited you before you 'mount /dev/sdb /mnt'
[00:44] <smoser> then you lose anyway
[00:44] <smoser> so, yeah, you're right.
[00:44] <alexpilotti> this thing of how to handle sensitive info in the metadata is quite hot
[00:45] <alexpilotti> what we did for the passwords in Nova is IMO cool and could work in other scenarios
[00:46] <alexpilotti> where the plugins generate some secret, encrypt it with the user’s SSH pub key and POST them to some metadata service
[00:47] <alexpilotti> configdrive won’t be the case I guess
[02:31] <alexpilotti> smoser pushed the code with bsdtar support, I owe you a beer :-)
[02:32] <smoser> whoohoo.
[02:32] <smoser> bsdtar as in actually that binary ?
[02:32] <smoser> and not just using the library ?
[02:32] <smoser> i figured you'd have to use the library
[02:32] <smoser> but that's great
[03:42] <praneshp> smoser: yt?
[03:42] <praneshp> How can I run files in cloudinit/config individually?
[03:44] <praneshp> for eg
[03:44] <praneshp> is there a nice handler tool available or do I just have to work backwards and find the right args to pass??
[04:26] <harlowja> praneshp u all under control now i hope :)
[17:45] <alexpilotti> smoser: yep, it’s part of http://www.libarchive.org/
[17:45] <alexpilotti> by building it you get both the lib and the exe
[17:46] <alexpilotti> so I just went with a simple “bsdtar -xf xxx -C xxx”
[17:46] <alexpilotti> for once I avoided some crazy ctypes work
=== praneshp_ is now known as praneshp
