Page 1 of 1
Ubuntu Guest on Ubuntu Host Security?
Posted: 14. Jan 2017, 19:01
by kmand
We have a user on a department administered Ubuntu machine who wants admin access that we won't be
able to grant. We can let it host a Ubuntu virtualbox guest and let him have admin privs in the guest.
The question is what do we need to do to be sure that this provides nothing beyond normal user privs
outside the guest "sandbox".
Re: Ubuntu Guest on Ubuntu Host Security?
Posted: 14. Jan 2017, 20:24
by socratis
Nothing. You need to do absolutely nothing. The VirtualBox app runs in the user context, so whatever your user can do (reading/writing/networking) in the host, they can do in their application.
For a related, recently revived discussion, take a look at:
Cryptolocker, Ransomware and VMs. There are other threads that you can search for...
Re: Ubuntu Guest on Ubuntu Host Security?
Posted: 15. Jan 2017, 18:16
by kmand
what about configuration issues like bridged vs nat? Can we exclude bridged?
Re: Ubuntu Guest on Ubuntu Host Security?
Posted: 15. Jan 2017, 20:08
by socratis
VirtualBox installs a "filter driver" for each network card in order to enable Bridged networking. You'd have to wait for a Linux expert to tell you how to disable that filter from either being installed or being active, since you cannot prevent the configuration from within VirtualBox.