Mailinglist Archive: opensuse-factory (396 mails)
| < Previous | Next > |
Re: [opensuse-factory] virtualbox from suse repo + usb support
- From: C <smaug42@xxxxxxxxx>
- Date: Thu, 20 Jan 2011 09:38:28 +0100
- Message-id: <AANLkTiku8d4j1DrJCjmBm5YUjtAwUa4Dtwu8pJu9hPzF@mail.gmail.com>
On Thu, Jan 20, 2011 at 09:21, Michal Šebeň wrote:
So went to read the bug report.
https://bugzilla.novell.com/show_bug.cgi?id=664520
Have I got this right? .... this "security hole" could allow someone
who already has full user rights on the OS to access information that
he or she essentially already has rights and access to?
That seems like a real non-issue to me... like the Linux exploits that
gives someone with root access a way to get root access...
Under what conditions would this USB access be a risk?
C.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
hi folks,
as you might know, since virtualbox 4.0.0 "usb guest support" feature
is now open source code,
but during tests i found the problem : virtualbox needs full access to
usb nodes, which of course, could lead to serious security problem
(see bnc#664520 for details) - this means that (currently) virtualbox
(provided by suse) doesn't have usb guest support enabled, by default
So went to read the bug report.
https://bugzilla.novell.com/show_bug.cgi?id=664520
Have I got this right? .... this "security hole" could allow someone
who already has full user rights on the OS to access information that
he or she essentially already has rights and access to?
That seems like a real non-issue to me... like the Linux exploits that
gives someone with root access a way to get root access...
Under what conditions would this USB access be a risk?
C.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |