From: Clive McBarton on 26 Apr 2010 18:30

Mark Allums wrote:
> Some people are scared of shared folders as possible attack vectors, thus security risks.

What exactly are those risks?

--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
Archive: http://lists.debian.org/4BD612B2.1060008(a)web.de

From: Daniel Burrows on 27 Apr 2010 10:00

On Sun, Apr 25, 2010 at 07:34:49PM -0600, ghe <ghe(a)slsware.com> was heard to say:
> On 4/25/10 7:10 PM, Richard Lawrence wrote:
>
> >http://losak.sourceforge.net/
>
> A Lisp OS!!???
>
> Could be, I guess. I once worked at a place where they claimed to
> have written an accounting package in BASIC. I think I'd stick with
> VirtualBox...

Stop making me feel old.

Daniel

Archive: http://lists.debian.org/20100427135302.GB29591(a)emurlahn.burrows.local

From: Mark Allums on 27 Apr 2010 18:30

On 4/26/2010 5:24 PM, Clive McBarton wrote:
> Mark Allums wrote:
>> Some people are scared of shared folders as possible attack vectors, thus security risks.
>
> What exactly are those risks?

(For me, personally, it's theoretical, as I only am repeating things I have picked up. It may be out of date, now, but if I had to guess, the level of threat has only grown.)

It depends on the mechanism used to share the folders. If it is through a network interface, then the risks are similar to the risks on any trusted intranet.

If the folders are provided by the VM internals, then the risk is what you can lose by a successful attack on the guest kernel or the host VM.

If the host VM is kernel-based, then the risk is that of a (host) kernel attack.

Note: I'm using "risk" as in "what can you lose?" If you mean attack vectors, then those should be evident; again, I am not a security researcher.

Google Joanna Rutkowska. She probably knows as much as anyone about breaking out of a VM to attack the host.

I'm sure others on this list know more than I do about it.

MAA

Archive: http://lists.debian.org/4BD7A9D3.7040301(a)allums.com

From: Clive McBarton on 29 Apr 2010 18:20

Mark Allums wrote:
> On 4/26/2010 5:24 PM, Clive McBarton wrote:
>> Mark Allums wrote:
>>> Some people are scared of shared folders as possible attack vectors,
>>> thus security risks.
>>
>> What exactly are those risks?

> It depends on the mechanism used to share the folders. If it is through
> a network interface, then the risks are similar to the risks on any
> trusted intranet.

OK.

> If the folders are provided by the VM internals, then the risk is what
> you can lose by a successful attack on the guest kernel or the host VM.

And how much is that? Assuming there's one folder on the host that the guest can write to (that's what I understand by "shared folder"), then a successful attack can fill up space on the host, but that's it. It cannot get out of this folder as far as I can see.

> If the host VM is kernel-based, then the risk is that of a (host)
> kernel attack.

OK.

> Note: I'm using "risk" as in "what can you lose?" If you mean attack
> vectors, then those should be evident

I'm not sure I get the distinction "risk" vs "attack vector". Nor do I find those particularly evident. Which is probably my lack of knowledge in that area. Could you please enlighten me here?

> Google Joanna Rutkowska. She probably knows as much as
> anyone about breaking out of a VM to attack the host.

Just one person can do this? I feel safe now.

> I'm sure others on this list know more than I do about it.

I hope they share their knowledge here, so I can learn.

Archive: http://lists.debian.org/4BDA064D.5010803(a)web.de