ESXi is quite careless about this: a fresh VMFS format does only destroy the basic structures in the metadata-area.It does not care about any stale data that still populates the area used for vmdks.
With a root shell an attacker can actively import that left over garbage into active VMs.
Any selfrespecting administrator will make sure he does completely wipe the complete datastore before reformatting it.The side-effect of this is very welcome if you ever have to carve out an important vmdk with dd.
The time you safe during creation of new lazyzeroed vmdks is nothing when you add the extra pain that the extra checkdisk you have to do while recovering that vmdk.So if security is a concern wipe every new datastore with zeros.
↧
Re: does storage gets formatted after datastore deletion?
↧