← Back to team overview

openstack team mailing list archive

Is there a security issue with qcow2 images ?


Hi Folks,

I have a half remembered conversation from the Boston summit where someone said that there was a security issue in using qcow2 as a format for creating snapshot images.

Does that ring any bells with anyone, and if so can you expand on the potential issue please ?

I think it was something to do with why base images have to be expanded after download, but I might be wrong on that.   I'm particularly interested in using qcow2 as an upload format for snapshots.


Follow ups