Network Security Bugtraq
RE: VMWare poor guest isolation design

Subject: RE: VMWare poor guest isolation design
Date: Fri, 24 Aug 2007 13:45:23 -0800 (AKDT)
On Fri, 24 Aug 2007, Ken Kousky wrote:

This may be far off course but with all the discussions of VMWare as a safe
sandbox that has broad security value it seems we have to pay attention to
the assumptions. IF the virtual machine is operating properly, it can
provide a level of sandboxing and restrict session privileges for that
instance of the machine. However, the most common exploit in software
continues to be memory leakages or buffer overflows.

It seems to me that if the code that can be injected through the most common
attack vector (buffer overflows) executes with full privileges of the real
hosting machine, there would be little benefit to the virtualization. Am I
missing something here?

Is there a way that the arbitrary code injected through a buffer overflow
can be constrained in the logical machine? It seems to me the VM can't
provide this protection???

VMs can do just that, isolate the damage to the VM, with no impact to the host. This discussion never addressed that, though; it was focused on the premise that VMs should be protected from the host operating system, which is exceedingly impractical. The host was never in danger from the techniques discussed here.

I think you may be referring to sandboxes like chroot & jails, which are not
quite as effective at isolating processes as the VM route. They have a hell
of a lot less overhead, though.

        --Arthur Corliss
          Live Free or Die
