https://bugzilla.novell.com/show_bug.cgi?id=429725
User mkudlvasr@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=429725#c25
Martin Kudlvasr changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mkudlvasr@novell.com
Status|NEW |NEEDINFO
Info Provider| |security-team@suse.de
--- Comment #25 from Martin Kudlvasr 2008-11-20 09:07:32 MST ---
As far as I have read the code, virtualbox uses the suid root ONLY to open
/dev/vboxdrv. Right after that, setresuid is used to set privileges of the
process to uid (and gid) of the user. The process is very well commented
(surprisingly well) in the source files.
The source file location:
VirtualBox-2.0.4/src/VBox/HostDrivers/Support/SUPR3HardenedMain.cpp
Please consider these arguments when making the decision:
- Users had access to the kernel module until now through group vboxusers. In
the suid version, they still have access to it, but only through virtualbox
binary. The suid version is actually reducing access to the kernel module.
- Running virtualbox as root is much less secure that either of the suid or
vboxusers versions.
So far I see 3 options
Choice 1 (lnussels, if I understood correctly):
- do not add virtualbox permissions to permissions package
- document, that virtualbox can be run only as root.
- mention the documentation in the error message, so that users won't be
completely puzzled.
Choice 2:
- do not add virtualbox permissions to permissions package
- document, how users can add permissions to /etc/permissions and set
virtualbox suid by hand (and SUSE/security will deny responsibility for the
risk)
- mention the documentation in the error message, so that users won't be
completely puzzled.
Choice 3:
- add virtualbox permissions to permissions package.
- imho most secure.
My order of preference: Choice 3, Choice 2, Choice 1
I ask the security team for the final decision, whatever will that be.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.