LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud
Reload this Page VirtualBox security
User Name
Password
Linux - Virtualization and Cloud This forum is for the discussion of all topics relating to Linux Virtualization and Linux Cloud platforms. Xen, KVM, OpenVZ, VirtualBox, VMware, Linux-VServer and all other Linux Virtualization platforms are welcome. OpenStack, CloudStack, ownCloud, Cloud Foundry, Eucalyptus, Nimbus, OpenNebula and all other Linux Cloud platforms are welcome. Note that questions relating solely to non-Linux OS's should be asked in the General forum.

Notices


Reply
  Search this Thread
Old 10-24-2009, 06:39 PM   #1
Skaperen
Senior Member
 
Registered: May 2009
Location: center of singularity
Distribution: Xubuntu, Ubuntu, Slackware, Amazon Linux, OpenBSD, LFS (on Sparc_32 and i386)
Posts: 2,689
Blog Entries: 31

Rep: Reputation: 176Reputation: 176
VirtualBox security

In the user manual for VirtualBox, it gives a command for how to allow all users to run it. It warns that this is not secure. There is some apparent risk because it's setting permissions for /dev/vboxdrv to 666.

My question is ... how is this a risk? Is the driver not able to discriminate between users in how it performs whatever functions it performs? Can one user write into another users virtual machines?
 
Old 10-24-2009, 08:15 PM   #2
smeezekitty
Senior Member
 
Registered: Sep 2009
Location: Washington U.S.
Distribution: M$ Windows / Debian / Ubuntu / DSL / many others
Posts: 2,339

Rep: Reputation: 231Reputation: 231Reputation: 231
it is exaggerated.
there is a slight possibility that malicious code could be executed from within the virtual box maybe damaging the host.
 
Old 10-25-2009, 12:54 AM   #3
GlennsPref
Senior Member
 
Registered: Apr 2004
Location: Brisbane, Australia
Distribution: Devuan
Posts: 3,660
Blog Entries: 33

Rep: Reputation: 283Reputation: 283Reputation: 283
You should be alright,
Quote:
Is the driver not able to discriminate between users in how it performs whatever functions it performs?
just use the winxp user-permissions to regulate which users can change stuff or access the system settings.
Quote:
Can one user write into another users virtual machines?
Administer as you would administering a multi-user window$ box.

also, Network access, Who can access shared folders etc.

The drivers should be fine.

Regards Glenn
Last edited by GlennsPref; 10-25-2009 at 12:56 AM. Reason: spelling
 
Old 11-01-2009, 03:19 PM   #4
GlennsPref
Senior Member
 
Registered: Apr 2004
Location: Brisbane, Australia
Distribution: Devuan
Posts: 3,660
Blog Entries: 33

Rep: Reputation: 283Reputation: 283Reputation: 283
Also, as you may know, if you give admin privs to all winxp users, they can all access each others ..\My_Documents. so there is no real security at all.

Sadly, open access (ease of use) on winxp equals no privacy or security.

Be warned.

Regards Glenn
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
security within virtualbox jmite Linux - Newbie 3 06-16-2009 08:34 PM
virtualbox or virtualbox ose manuleka Linux - Software 2 06-11-2009 02:56 PM
Security: The Safest Way to Set Up a VirtualBox Client? cwizardone Slackware 15 04-19-2009 02:36 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Virtualization and Cloud

All times are GMT -5. The time now is 03:27 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration