virtualbox.org

Hi all

When I was using qemu on both my openbsd box and mac os x box, I can launch it as a basic user and it will have not admin or root privedlges. I also then made even more restricted by creating a _qemu user and after you run the qemu command it drops to that user.

With vbox I am not sure. does it run with suid root at some point? is there any way to configure that.
what do you guys do to secure your vbox installs?

regards
prysm

VB is set as SUID root on Linux, but that's only done for access to the kernel module. Once access is acquired, the root privileges are dropped and it runs as your normal, unprivileged user.
Qemu can run in complete userland mode, but that has it's disadvantages too, like being slow. VB has a few kernel hooks, which is beneficial to it's high performance. You can rest assured that the developers have made sure that VB is not capable of doing system wide damage when run as unprivileged user.