You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I found that VMs can mount any folders owned by the user who runs Virtual Box (let's say, it's vbox).
This means that VMs can mount /home/vbox and edit /home/vbox/.config/VirtualBox/VirtualBox.xml anytime.
If the authentication library is set as Builtin, non-admin users could rewrite /home/vbox/.config/VirtualBox/VirtualBox.xml and get privileged.
I guess it would be better to add some logic that restricts shared folders to $brouserRestrictFolders.
Thank you.
The text was updated successfully, but these errors were encountered:
Hi,
I found that VMs can mount any folders owned by the user who runs Virtual Box (let's say, it's
vbox
).This means that VMs can mount
/home/vbox
and edit/home/vbox/.config/VirtualBox/VirtualBox.xml
anytime.If the authentication library is set as
Builtin
, non-admin users could rewrite/home/vbox/.config/VirtualBox/VirtualBox.xml
and get privileged.I guess it would be better to add some logic that restricts shared folders to
$brouserRestrictFolders
.Thank you.
The text was updated successfully, but these errors were encountered: