https://bugzilla.novell.com/show_bug.cgi?id=429725
User suse-beta@cboltz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=429725#c20
--- Comment #20 from Christian Boltz
(In reply to comment #18 from Christian Boltz)
BTW: What will happen if you find out that VirtualBox has a security bug in > > the to-be-suid-root files? Will you release an update for 11.1 or will you say "hey, we didn't ship it suid-root, so what?"
Depends on the bug. If the system is broken by design it could very well happen that a privilege escalation bug is not fixable.
Sounds like another argument to disable the hardening for now, which means the suid bit isn't required... I'd recommend to use --disable-hardening for 11.1 for two reasons: - it will save users lots of problems (because VirtualBox with hardening will fail to run by default) - it is more secure than a potential privilege escalation ;-) - and you can be sure that everybody who needs VirtualBox will set the suid bit. No, wait - some people might just start it as root... -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.