lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.64.0708240951340.3131@AncHm-1.nevaeh-linux.org>
Date: Fri, 24 Aug 2007 10:03:28 -0800 (AKDT)
From: Arthur Corliss <corliss@...italmages.com>
To: Matt Richard <matt.richard@...il.com>
Cc: bugtraq@...urityfocus.com
Subject: Re: VMWare poor guest isolation design

On Fri, 24 Aug 2007, Matt Richard wrote:

> There are other methods of compromising guests without any
> requirements for API's, GUI's, etc -
> http://www.mnin.org/write/2006_vmshell_injection.pdf.

Let me preface my response with the admission that my primary virtualization
platform is IBM pSeries, I'm not a big fan of Vmware.  Even so, this
represents, just like the API attack, a unidirectional attack vector, from
the host OS to the guest.  I simply don't understand why people are making
a big deal about these things.  If you don't have a secure host platform
then you can't have *any* reasonable expectations of security in the guest
to begin with.

Now, if someone can prove an attack from one guest to another, or verify if
two UIDs running vms can tamper with the other's vm, then there would be a
security concern.  Devoid of that, techniques like this are just one of a 
million reasons why no one makes reservations at the Bates Hotel.  To 
expect otherwise makes you deserving of getting stabbed in the shower.

 	--Arthur Corliss
 	  Live Free or Die

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ