Currently OpenBSD supports these architectures ( http://www.openbsd.org/plat.html ):
alpha Digital Alpha-based systems
amd64 AMD64-based systems
armish ARM-based appliances (by Thecus, IO-DATA, and others)
hp300 Hewlett-Packard HP 9000 series 300 and 400 workstations
hppa Hewlett-Packard Precision Architecture (PA-RISC) systems
i386 Standard PC and clones based on the Intel i386 architecture and compatible processors
landisk IO-DATA Landisk systems (such as USL-5P) based on the SH4 cpu
loongson Loongson 2E- and 2F-based systems, such as the Lemote Fuloong and Yeeloong, Gdium Liberty, etc.
luna88k Omron LUNA-88K and LUNA-88K2 workstations
macppc Apple New World PowerPC-based machines, from the iMac onwards
mvme68k Motorola 680x0-based VME systems
mvme88k Motorola 881x0-based VME systems
sgi SGI MIPS-based workstations
socppc Freescale PowerPC SoC-based machines
sparc Sun sun4, sun4c, sun4e and sun4m class SPARC systems
sparc64 Sun UltraSPARC and Fujitsu SPARC64 systems
vax Digital VAX-based systems
zaurus Sharp Zaurus C3x00 PDAs
Currently QEMU supports these architectures ( https://en.wikipedia.org/wiki/QEMU#Emulated_hardware_platforms ) - but FIXME:
IA-32 (x86)
x86-64 PCs
MIPS R4000
Sun's SPARC sun4m
Sun's SPARC sun4u
ARM development boards (Integrator/CP and Versatile/PB)
SH4 SHIX board
PowerPC (PReP and Power Macintosh)
ETRAX CRIS
MicroBlaze architectures.
So combined (what has boths support, but FIXME..):
i386 OR IA-32
amd64 OR x86-64
sun4m (SPARC)
macppc OR PowerPC
Searching google (search string || hits):
site:seclists.org i386 exploit vulnerability || 14600
site:cvedetails.com i386 exploit vulnerability || 24700
site:seclists.org IA-32 exploit vulnerability || 650
site:cvedetails.com IA-32 exploit vulnerability || 3510
site:seclists.org amd64 exploit vulnerability || 11000
site:cvedetails.com amd64 exploit vulnerability || 29900
site:seclists.org x86-64 exploit vulnerability || 540
site:cvedetails.com x86-64 exploit vulnerability || 4970
site:seclists.org x86_64 exploit vulnerability || 6590
site:cvedetails.com x86_64 exploit vulnerability || 36800
site:seclists.org sun4m exploit vulnerability || 17
site:cvedetails.com sun4m exploit vulnerability || 0
site:seclists.org SPARC exploit vulnerability || 7750
site:cvedetails.com SPARC exploit vulnerability || 43800
site:seclists.org macppc exploit vulnerability || 1
site:cvedetails.com macppc exploit vulnerability || 3490
site:seclists.org PowerPC exploit vulnerability || 7130
site:cvedetails.com PowerPC exploit vulnerability || 32000
-->>
http://i.imgur.com/jbsBNj0.png
So I want to run an OpenBSD guest with QEMU on an OpenBSD host. But with different arch then the host OpenBSD has. (For security reasons, if an exploit works on ex.: i386 it's not 100% that it runs on ex.: sun4m).
for first look if I would use i386 or amd64 as host, the guest would need to be: sun4m (? - but SPARC has many hits.. and can QEMU really use sun4m???)
p.s.: yes, I know, searching for historically vulnerabilities isn't the best method, but there aren't any better.. or?
Q: So what would be the most safest architecture to use?