[Bug 1041117] New: VirtualBox as a default user: needs extra permissions, USB passthru security risk, missing /dev/vboxdrv
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117 Bug ID: 1041117 Summary: VirtualBox as a default user: needs extra permissions, USB passthru security risk, missing /dev/vboxdrv Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.3 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Virtualization:Tools Assignee: virt-bugs@suse.de Reporter: moritzrakow@web.de QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 726708 --> http://bugzilla.opensuse.org/attachment.cgi?id=726708&action=edit USB passthru warning on VirtualBox start ## Overview Starting a virtual machine does not work out of the box. In the default config, the user needs extra privileges (vboxusers), there is a USB passthru security issue, and the virtual machine does not start because of a missing kernel module. ## Steps to reproduce 1. install the virtualbox package. 2. Attempt to start virtualbox. 3. Add yourself to the vboxusers group. 4. Log out, log back in again. 3. Start virtualbox a second time, and click away the security warning about USB passthru. It links to Bug 664520. 4. Create a virtual machine, e.g. with the Leap 42.3 Beta Net ISO. 5. Try to start the virtual machine. ## Actual results By default, the user is not permitted to run VirtualBox. Not sure if this is intended behaviour, but the user has to take additional steps to even start the application. The message about the USB security hole pops up (screenshot attached), but rather than pressing enable/disable USB, the only button is "OK". The default choice is to accept the security risk and do nothing. The message ends with an encouraging "This message will not be seen again!". The recommendation is to edit /etc/udev/rules.d/60-vboxdrv.rules but the user has not the permissions to do so. Should the default behaviour not be to avoid the security risk, with an option somewhere to *enable* USB passthru? Should a warning message like this not be able to be shown a second time and the information be displayed next to the relevant settings option? Then, there is an error when starting the virtual machine:
The VirtualBox Linux kernel driver (vboxdrv) is either not loaded or there is a permission problem with /dev/vboxdrv. Please reinstall the kernel module by executing '/sbin/vboxconfig' as root.
/dev/vboxdrv does not exist. ## Expected result A user will by default be allowed to start VirtualBox. The default configuration will be to avoid the USB passthru security risk, with an explanation for those choosing to *opt in*. It should not require root privileges to opt out of a security risk, in this case by editing /etc/udev/rules.d/60-vboxdrv.rules Starting a virtual machine will not fail because something else needs to be installed. ## Build and hardware USB/DVD iso on 64bit laptop, updated to build 0253. ## Additional comments Maybe there are good reasons to not include users by default in the vboxusers group and to enable USB passthru. Regardless, the warning message is not very useful, advocating one thing (disable USB passthru), but making the opposite the default which is not easy to change. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117
Andreas Stieger
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117#c1
Larry Finger
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117
http://bugzilla.opensuse.org/show_bug.cgi?id=1041117#c2
--- Comment #2 from Moritz Rakow
1. Requiring the user of a VM to be a member of the vboxusers group has always been a requirement of VirtualBox.
Thanks for the clarification. I mentioned it because on other distros, this is not the case, so it was definitely unexpected to me.
2. The default choice for USB passthru is not to accept this risk. If you click OK and do nothing else, all that happens is that the warning message will not pop up again. USB passthru is still disabled!
A good choice, but the warning message does not communicate this well: (From warning message)
If you ... are willing to accept the security risk, then do nothing. To plug the security hole, [edit a config file with root privileges].
My interpretation of this was that the risky USB passthru is enabled when doing nothing.
[...]. That version likely has not made it through to Leap 42.3 yet. I only have room on my disk for two openSUSE versions, which are TW and Leap 42.2. Of course, running this script requires root privilege.
Good that I tried out 42.3 Beta and spotted the issue. That's what testing Betas is for :) However, the unclear warning message as well as the incomplete installation are still both among the issues that we should try to fix for 42.3. I have opened Bug 1041137 for the warning message. Closer to release day, I am going to retest the installation process, once the new VirtualBox package will have made it through to the repos. If the installation still fails, i.e. does not complete, I will reopen this bug. P.S.: I highly appreciate the security considerations! -- You are receiving this mail because: You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com