[PVE-User] Can I delete the hard disk of a running VM??!! Really??!! It can't be!!!

Iosif Peterfi iosif.peterfi at gmail.com
Fri Oct 17 07:14:17 CEST 2014


Greetings,

        If someone 'malicious' has the permissions to delete the HDD files,
then he might as well shut down or kill the virtual machines processes
before deleting everything. And the HDD data is the least important problem
in this situation. Since you must have backups for everything already and
start the recovery. IMHO more important is the question when and how the
'malicious' person acquired admin privileges. This might give you a clue on
which backup to recover.
        Locking the disk file would do more bad than good since it will
prevent admins from doing simple administrative tasks as resetting a
password on the VM.

Regards,
Iosif

On Thu, Oct 16, 2014 at 11:41 PM, Hector Suarez Planas <
hector.suarez at codesa.co.cu> wrote:

>  Greetings.
>
> I'm testing a VM with VyOS and I accidentally delete the hard disk, but
> ¡¡¡The VM still powered on!!!. I reboot the VM and working on after reboot.
> Where is the hard disk? Well, the qcow2 file do not exist on
> /var/lib/vz/imaged/VMID. This thing is using a cached hard disk??!! I
> thought I went crazy, but not.
>
> I power off the VM completely and turn on it again. Aaaaaahhh, disk not
> found:
>
> No bootable device
>
> This bug must be fix. When VM is powered on, the hard disk or other device
> must be locked.
>
> If someone malicious comes up to remove hard disks of our powered on
> virtual machines, we're screwed.
>
> :(
>
>
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://pve.proxmox.com/pipermail/pve-user/attachments/20141017/5ed8688e/attachment-0015.html>


More information about the pve-user mailing list