From owner-freebsd-virtualization@FreeBSD.ORG  Wed Nov 20 17:56:51 2013
Return-Path: <owner-freebsd-virtualization@FreeBSD.ORG>
Delivered-To: freebsd-virtualization@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 7B74F2A8
 for <freebsd-virtualization@freebsd.org>; Wed, 20 Nov 2013 17:56:51 +0000 (UTC)
Received: from blu0-omc4-s36.blu0.hotmail.com (blu0-omc4-s36.blu0.hotmail.com
 [65.55.111.175]) by mx1.freebsd.org (Postfix) with ESMTP id 499C52D19
 for <freebsd-virtualization@freebsd.org>; Wed, 20 Nov 2013 17:56:51 +0000 (UTC)
Received: from BLU179-W27 ([65.55.111.136]) by blu0-omc4-s36.blu0.hotmail.com
 with Microsoft SMTPSVC(6.0.3790.4675); 
 Wed, 20 Nov 2013 09:55:45 -0800
X-TMN: [TcrQpAQ460F3S1AdIi5IBkFWiiVFpXNO]
X-Originating-Email: [brunolauze@msn.com]
Message-ID: <BLU179-W2710DC567151403C38377AC6E60@phx.gbl>
From: =?iso-8859-1?B?QnJ1bm8gTGF1euk=?= <brunolauze@msn.com>
To: "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>
Subject: VPS / Jail / Bhyve File System isolation
Date: Wed, 20 Nov 2013 12:55:45 -0500
Importance: Normal
MIME-Version: 1.0
X-OriginalArrivalTime: 20 Nov 2013 17:55:45.0417 (UTC)
 FILETIME=[BCAA4790:01CEE619]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.16
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
 <freebsd-virtualization.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Nov 2013 17:56:51 -0000


Using jails=2C customers are uncomfortable with the fact documents can be a=
ccessed from the host with root access.Project VPS seems to isolate more th=
e guest from the host but not as well as an hypervisor like bhyve. With an =
hypervisor what the client have is private=2C as long as the host can manag=
e the disk=2C delete it=2C  but the information is kept private from the ho=
st.
Any suggestions how to offer jail=2C vps=2C or anything containers techniqu=
es with total file system isolation from the host=2C or the only way is to =
go hypervisor=2C with the performance and instances count penalty that goes=
 with it? 		 	   		  =