[00:09] <smoser> alexpilotti, is correct. 'dd if=/dev/zero' is better than 'rm $MOUNTPOINT/*'
[00:10] <alexpilotti> smoser: not sure what you meant :-)
[00:11] <alexpilotti> smoser: in the meantime: libarchive compiled, looks promising
[00:27] <smoser> alexpilotti, in your response to yjiang5
[00:27] <smoser> most certainly, vfat is better from a data security perspecitve
[00:27] <smoser> than iso.
[00:27] <alexpilotti> smoser: why? what’s the difference in wiping with dd a raw hdd containing iso vs vfat?
[00:27] <smoser> as why  would you 'rm *' when you can 'dd if=/dev/zero of=/dev/by-label/CONFIG_DRIVE'
[00:28] <smoser> bah
[00:28] <smoser> vfat is *no* better
[00:28] <smoser> (that was an important word to miss :)
[00:28] <smoser> ie, i agree with " well, you could wipe an ISO raw hdd as well" completely
[00:28] <smoser> which is actually an argument against CDROM
[00:28] <smoser> :)
[00:29] <smoser> unless you were going to attach a cdrw
[00:29] <alexpilotti> smoser: on that point, I agree
[00:29] <alexpilotti> smoser: but, metadata are no secure mean
[00:30] <alexpilotti> so giving the message that you can secure a clear-text config drive just becuase your attacker is not fast enough is IMo absolutely wrong
[00:30] <alexpilotti> especially if somebody pretends to put passwords in there
[00:31] <alexpilotti> my 2c are that natural selection should take it’s toll in such cases ;-)
[00:32] <alexpilotti> anyway, if your suggestion with libarchive works fine, my concerns for not using a raw hdd disappear
[00:32] <alexpilotti> and we already agree on ISO, from what I got so far
[00:35] <smoser> alexpilotti, your attacker does not have access to your system before you have config drive wiped.
[00:35] <smoser> if he does, then all bets are off.
[00:35] <smoser> ie, if he's rooted you before rc.local is run, you are compltely SOL
[00:36] <smoser> i think we can manage to secure things to thath poitn :)
[00:36] <alexpilotti> smoser: what about faulty heat templates for example?
[00:37] <alexpilotti> beside that, we also don’t have that advantage on Windows
[00:37] <smoser> you're suggesting that my system is rooted before its booted.
[00:38] <alexpilotti> while it boots
[00:38] <alexpilotti> I guess you’re going to do something with those metadata :-)
[00:39] <alexpilotti> true that you can wipe them off before starting any activity 
[00:39] <alexpilotti> this mitigates a bit more
[00:40] <alexpilotti> this precludes anyway execting specific plugins at each boot
[00:41] <alexpilotti> unless you plan to store the metadata somewhere, but then we’re at the starting point
[00:41] <alexpilotti> you could use some symmetric encryption
[00:41] <alexpilotti> not safe anyway
[00:43] <smoser> alexpilotti, yeah, actually you're right.
[00:43] <smoser> the attacker can't read /dev/sdb without root
[00:44] <smoser> and once they have root, well, you lose
[00:44] <alexpilotti> yep
[00:44] <smoser> and if they had exploited you before you 'mount /dev/sdb /mnt'
[00:44] <smoser> then you lose anyway
[00:44] <smoser> so, yeah, you're right.
[00:44] <alexpilotti> this thing of how to handle sensitive info in the metadata is quite hot
[00:45] <alexpilotti> what we did for the passwords in Nova is IMO cool and could work in other scenarios
[00:46] <alexpilotti> where the plugins generate some secret, encrypt it with the user’s SSH pub key and POST them to some metadata service
[00:47] <alexpilotti> configdrive won’t be the case I guess
[02:31] <alexpilotti> smoser pushed the code with bsdtar support, I owe you a beer :-)
[02:32] <smoser> whoohoo. 
[02:32] <smoser> bsdtar as in actually that binary ?
[02:32] <smoser> and not just using the library ?
[02:32] <smoser> i figured you'd have to use the library
[02:32] <smoser> but that s great
[02:35] <smoser> hm..
=== harlowja is now known as harlowja_away
[03:42] <praneshp> smoser: yt?
[03:42] <praneshp> How can I run files in cloudinit/config individually?
[03:44] <praneshp> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/config/cc_apt_configure.py
[03:44] <praneshp> for eg
[03:44] <praneshp> is there a nice handler tool available or do I just have to work backwards and find the righ targs to pass??
=== harlowja_away is now known as harlowja
[04:26] <harlowja> praneshp u all under control now i hope :)
[04:27] <praneshp> yup
=== harlowja is now known as harlowja_away
=== zz_gondoi is now known as gondoi
=== harlowja_away is now known as harlowja
=== shardy is now known as shardy_afk
[17:45] <alexpilotti> smoser: yep, it’s part of http://www.libarchive.org/
[17:45] <alexpilotti> by building it you get both the lib and the exe
[17:46] <alexpilotti> so I just wen with a simple “bsdtar -xf xxx -C xxx” 
[17:46] <alexpilotti> for once I avoided some crazy ctypes work
=== yjiang5_away is now known as yjiang5
=== praneshp_ is now known as praneshp
=== harlowja is now known as harlowja_away
=== harlowja_away is now known as harlowja
=== gondoi is now known as zz_gondoi
=== zz_gondoi is now known as gondoi
=== gondoi is now known as zz_gondoi