I'm afraid that I'm pretty sure that the whitelist idea is contrary to Oracle management policy, so that idea won't fly at all. The fact that not all software has such rigorous standards is not going to convince them to change.
You have what is essentially a defective host process, it needs to be fixed at your end, not worked around by VirtualBox.
No internet using NAT, all guests
-
- Site Moderator
- Posts: 20945
- Joined: 30. Dec 2009, 20:14
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Linux
Re: No internet using NAT, all guests
If there were a whitelist, malware could hack said whitelist and gain admin privileges through Virtualbox.
-
- Posts: 12
- Joined: 19. Jul 2017, 09:44
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Ubuntu, Suse
- Location: Germany
Re: No internet using NAT, all guests
mpack wrote: I'm afraid that I'm pretty sure that the whitelist idea is contrary to Oracle management policy.
Fair. I just thought about giving the user the freedom to choose, but risks are involved.
mpack wrote: You have what is essentially a defective host process, it needs to be fixed at your end, not worked around by VirtualBox.
Here I disagree. So again, forget about whitelist ideas...
Reading the details of the ticket posted, VBox is not verifying the signature of this DLL properly and thus rejecting it.
If you used signtool, it would show the DLL is properly signed. Note that using the default option will show a trust error, because the default assumes driver signing and this is not a driver with a signed catalog file. You need to use the /pa argument for the signing to show as valid. Since you use SigCheck (Sysinternals), you do not need to use any parameters to show the DLL is signed.
Code:
c:\program files\open text\socks client\HumSOCKS.dll:
Verified: Signed
Signing date: 1:16 PM 9/15/2016
Publisher: Open Text Corporation
Company: Open Text Corporation
Description: Open Text SOCKS Client for x64
Product: Open Text SOCKS Client
Prod version: 14.0.0.0
File version: 14.0.16.193
MachineType: 64-bit
I don't know how widely OpenText is used.
The combination is even more rare. I don't want to be picky. All I'm saying is that with the information collected so far, the development team could review if the hardening checks being used are implemented properly.
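The signtool and SigCheck comparison described in the post above, as an added example that is not part of the original thread: it reports what the built-in Authenticode check sees for one file and how `signtool verify` rates it under the default (driver) policy and under `/pa`. The function name `Test-DllSignature` is hypothetical, signtool.exe (Windows SDK) is assumed to be on PATH, and the path is the one shown in the SigCheck output.

```powershell
# Added example: compare how one DLL fares under different Authenticode policies.
function Test-DllSignature {
    param(
        [Parameter(Mandatory)][string]$Path
    )
    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "File not found: $Path"
    }

    # Built-in check: trust status and whether the signature is embedded or from a catalog.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path
    $result = [ordered]@{
        Path            = $Path
        Status          = $sig.Status
        SignatureType   = $sig.SignatureType
        Signer          = $sig.SignerCertificate.Subject
        SignerAlgorithm = $sig.SignerCertificate.SignatureAlgorithm.FriendlyName
        Timestamped     = [bool]$sig.TimeStamperCertificate
        ChainRoot       = $null
        SigntoolDefault = 'signtool not found'
        SigntoolPa      = 'signtool not found'
    }

    # Walk the signer's certificate chain to see which root it ends in.
    if ($sig.SignerCertificate) {
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode = 'NoCheck'   # keeps the check offline
        [void]$chain.Build($sig.SignerCertificate)
        $root = $chain.ChainElements | Select-Object -Last 1
        $result.ChainRoot = $root.Certificate.Subject
    }

    # signtool exit codes: 0 = verified, 1 = failed, 2 = completed with warnings.
    if (Get-Command signtool.exe -ErrorAction SilentlyContinue) {
        & signtool.exe verify $Path *> $null        # default: driver verification policy
        $result.SigntoolDefault = $LASTEXITCODE
        & signtool.exe verify /pa $Path *> $null    # default authentication policy
        $result.SigntoolPa = $LASTEXITCODE
    }
    [pscustomobject]$result
}

Test-DllSignature -Path 'C:\Program Files\Open Text\SOCKS Client\HumSOCKS.dll'
```

A non-zero `SigntoolDefault` next to a zero `SigntoolPa` is the policy difference the post describes: the file carries a valid Authenticode signature that the driver policy does not accept.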
-
- Volunteer
- Posts: 2561
- Joined: 30. May 2007, 18:05
- Primary OS: Fedora other
- VBox Version: PUEL
- Guest OSses: XP, Win7, Win10, Linux, OS/2
Re: No internet using NAT, all guests
You don't have a problem with the other software parts because these don't try to inject their DLLs into Vbox process space.
-
- Posts: 12
- Joined: 19. Jul 2017, 09:44
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Ubuntu, Suse
- Location: Germany
Re: No internet using NAT, all guests
Sure, I'm not talking about other software injecting the DLL into VBox.
I'm talking about software injecting/hardening this DLL into their own process. If every software would be checking and rejecting this DLL as VBox does, they would likely have the very same network problems.
Few samples we have in our company:
- AT&T Client and Cisco AnyConnect and SSL Extender for VPN access;
- Symantec Endpoint Protection (Firewall);
They all load the DLL.
-
- Site Moderator
- Posts: 27329
- Joined: 22. Oct 2010, 11:03
- Primary OS: Mac OS X other
- VBox Version: PUEL
- Guest OSses: Win(*>98), Linux*, OSX>10.5
- Location: Greece
Re: No internet using NAT, all guests
AntonioDL wrote: If every software would be checking and rejecting this DLL as VBox does, they would likely have the very same network problems.
But they don't. They don't really care. VirtualBox cares due to security papers that were highlighting the procedure where a "rogue" DLL injects itself into VirtualBox, and that affects the guest. Now the guest is a full blown OS and if that gets infected it could infect the host, since the guest is running with high privileges in the system.
Do yourself a favor and read the following FAQ: Diagnosing VirtualBox Hardening Issues.
Bottom line: that's how things stand. If your DLL was properly signed, if your DLL was following the rules, we wouldn't be having this discussion. Does that make sense?
Do NOT send me Personal Messages (PMs) for troubleshooting, they are simply deleted.
Do NOT reply with the "QUOTE" button, please use the "POST REPLY", at the bottom of the form.
If you obfuscate any information requested, I will obfuscate my response. These are virtual UUIDs, not real ones.
-
- Posts: 12
- Joined: 19. Jul 2017, 09:44
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Windows, Ubuntu, Suse
- Location: Germany
Re: No internet using NAT, all guests
Look, I don't wanna cause a fight... I fully understand your post.
I just find it hard to believe that software from companies like the ones I mentioned "don't care".
A company like Cisco would provide clients a VPN solution which is 'unsafe'?
Microsoft would load such 'unsafe' DLLs into their own network core?
Symantec is one of the industry leading virus/network protection in the market.
(PS: not trying to defend any of these companies, just using them as an example).
Have you read the ticket? OpenText says their code is signed, just differently. My sincere apologies as I don't have a full knowledge of this whole sign process, driver vs non-driver, catalog and all the terms they mention.
Anyway, if you say that is how things stand and nothing will ever be done, then there is nothing else to discuss.
-
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: No internet using NAT, all guests
We are all just users here, not spokespersons for Oracle, and in any case you are not an Oracle customer. Your technical point is one for the devs to look at, not us, and since a ticket has already been raised then I'm sure they will, eventually.