On 04/11/2017 01:53 AM, Marcus Meissner wrote:
On Tue, Apr 11, 2017 at 10:20:11AM +0930, Simon Lees wrote:
On 04/11/2017 04:33 AM, Larry Finger wrote:
Hi,
I need to get the permissions changed on program VBoxNATNetwork so that the host and other guests can connect to a given VM. In the past, this code had SUID privilege, but it was mistakenly removed. It should be restored. According to Oracle, I could remove hardening to eliminate the need for SUID, but that would open lots of security holes.
How should I go about requesting this change? Would filing a bug report and assigning it to Security be sufficient?
Thanks,
Larry
Yes assign a bug to the security team for a audit and once the audit is complete you can add the suid bit back.
Correct, this is how it works.
"According to Oracle, I could remove hardening to eliminate the need for SUID, but that would open lots of security holes." does not make sense to me.
"Hardening" is Oracle's term for enabling a lot of security in VirtualBox. For the most part, the term applies to the version for Windows hosts, but removing that feature does relax some security restrictions for Linux. Such relaxation is obviously not a good idea. Larry -- If I was stranded on an island and the only way to get off the island was to make a pretty UI, I’d die there. Linus Torvalds -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org