On 23/11/07 11:55 -0500, Sean Dague wrote: > On Fri, Nov 23, 2007 at 11:32:09AM -0500, Adam wrote: > > Two, if malware /should/ slip through, what's the worst that can > > happen? I gather that my W2K VM could be hacked, but is there any way > > that the rest of my system could be affected? > The infection will be contained to the windows vm. From time to time > you may want to snapshot the disk so you can roll back to a known > previous good state.
(Sean, you knew this was coming :) ) >From a practical real-world point of view, Sean's answer is correct. However, in a therorical security-paranoia world, if you were to be putting credit card authentication servers on VMs, etc, theres no reason a bug in VMWare couldn't give a user on a guest access to the host system. Once an attacker gets access to the host system, they could find ways to leverage root/system access, and from there, very easily get access to all the other guest systems' memory/disk/anything. You're amazingly unlikly to come across a worm or something in the wild that'll cause your host system any problems, but VMs are not an unbreakable concept that guarantees security. Heck, at $work a few months ago, we managed to accidentally crash an entire z9 with an errent 370 syscall from a machine that was a VM inside of a VM. -porkchop _______________________________________________ Mid-Hudson Valley Linux Users Group http://mhvlug.org http://mhvlug.org/cgi-bin/mailman/listinfo/mhvlug Upcoming Meetings (6pm - 8pm) MHVLS Auditorium Oct 3 - Security and Privacy Nov 7 - Django Python Application Framework
