CVE references, or some expert bagging out VirtualBox re: their screwing up this functionality badly somehow which poses serious risks. Well if that’s the case, then it should be backed up with something solid e.g. Make sure to understand the security implications of ?accessing internal hard disks from Tails before using this feature. With the shared folders feature of VirtualBox you can access files of your host system from within the guest system. TAILS is also vague on the issue (if running TAILS inside VirtualBox), they just say: You do not have the required permissions to view the files attached to this post. Virtual machines - Virtualbox guest additions security issues - Server FaultĪnd at the moment, we just state in the wiki this functionality is “unrecommended”. The shared folders are the ones available through the VM Settings -> Shared Folders option of the management UI. Virtualization - How secure is VirtualBox for privacy/anonymity? - Information Security Stack Exchange General exploits over data channels and shared memory?Īttacker uses an escalation bug when having local but unprivileged access to a host to execute arbitrary code within the Linux kernel to gain complete control over the system?Ībuses the symlink functionality somehow?Ĭhapter 4. Guest Additions doesn’t mention any major security issues there.Ĭan’t find any solid references re: security risk, just low quality guesstimates like this: You run some dodgy executable in the VM and it accesses your host with root permissions or inserts malware there?ĭoesn’t it still have to break out of/breach hypervisor sandbox (they use some unidentified bug to escalate privileges)?Īttacker inserts a malicious file and does some social engineering such as replacing the file in that folder with one that looks similar that is malware (which is later shifted to the host)?Ĭopy/paste buffer and keyboard/mouse shared memory etc allow access to the host, meaning if the VM is rooted they can trivially hack your host? Yes, it weakens isolation between host and guest, but what is the realistic attack angle? Guesses: What’s the actual (real, demonstrable) risk of shared folders in VirtualBox - this should be stated clearly in an Intro section to the VirtualBox Guest Additions page.
0 Comments
Leave a Reply. |