On January 27, 2018 7:57:02 AM GMT+01:00, Dave C <[email protected]> wrote: >* VMs that can't access the conference site (i.e. bluejeans.com) or >can't access the net at all
How can a VM without network access open a window in the X11 accessible from network? >* VMs that don't have vncserver installed, or don't have a plugin >needed to screenshare IMHO a minor gain. >My approach lowers security while screensharing. But the rest of the >time, not screensharing, the VMs are running with normal firewall >settings. It is likely that a VM can infect any other of the VMs (or the screensharing VM). There are multiple potential ways to do so: a. Exploit some vulnerability in X11 protocol implementation. b. Open a terminal (if not already opened) and type a command. This is possible, because any client can inject any input events to other client. c. Download some file using webbrowser and run/install it (e.g., using some packaging system). d. I remember I have read that X11 effectively provides no isolation between apps and I had an impression that any app can by design even run some code in another client. However, don't take this point as verified unless you verify it from some other source. Regards, Vít Šesták 'v6ak' General note: Maybe top-posting is bad. However, quoting whole message (including quotes of quotes and quotes of quotes of quotes etc.) before your message is even worse. Please don't let others scroll extensively. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/85D57652-4F14-41F7-9020-506468F33FEC%40v6ak.com. For more options, visit https://groups.google.com/d/optout.
