> Hi,
>
> [email protected] wrote (01 Nov 2012 17:55:42 GMT) :
>>>>> IIRC, VirtualBox host software sets iptables/netfilter up in a way
>>>>> that makes the guest system bypass the existing firewall / or be
>>>>> blocked by it, so some care should be taken on this side.
>>>>
>>>> One idea is to use host-only networking in the VirtualBox guest, and
>>>> the apps in the guest can connect to appropriate SOCKS port(s) on the
>>>> host's host-only adapter.
>>>
>>> Sure, a host-only adapter probably makes this easier than the bridged
>>> setup described in the link.
>
>> And more secure.
>
>>>> Bridge mode is the problem; it would be worth checking if the amnesia
>>>> user can leverage the VirtualBox bridge kernel module/driver to bypass Tor.
>>>> This would violate the Tails design because currently the amnesia user is
>>>> not allowed direct internet access.
>>>
>>> This is interesting and certainly needs to be investigated further
>>> (added to todo item). My initial testing shows that, indeed, bridged
>>> adapters bypass the host's firewall.
>
>> I suspect that the answer is yes: by default the amnesia user can use
>> the bridge adapter to bypass the host firewall, unless we do something to
>> stop this.
>
>>>> Bridge mode and NAT support could simply be left out altogether from
>>>> Tails, any drivers deleted/not installed.
>>>
>>> Allowing NAT is at least not a leaking-related problem since the NAT:ed
>>> traffic appears "normally" in the host OS, so in Tails it will be caught
>>> by the firewall.
>>>
>>>> If the kernel modules for bridge and NAT adapters are left out of Tails,
>>>> that would leave only the host-only networking adapter.
>>>
>>> vboxnetflt is used for bridged adapters, but host-only adapters require
>>> *both* vboxnetadp and vboxnetflt to be loaded.
>
>> That is unfortunate; I'm sure we'll think of some way to fix the problem
>> though.
>
> I'd like to see todo/add_virtualbox_host_software move forward,
> and I fear it's currently blocked due to needlessly high goals.
>
> Assuming one can just delete these few networking driver files to
> disable network support altogether, without breaking anything else,
> how about, as a first iteration, we ship VirtualBox host software
> without networking support at all?
>
> I think this would at least satisfy the "I want to use InDesign on
> Windows on Tails to produce a leaflet" use case, and at least be the
> first step towards more involved use cases like the one adev had
> in mind.
>
> What do you think?
>
> Cheers,
> --
> intrigeri
> | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
> | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
> _______________________________________________
> tails-dev mailing list
> [email protected]
> https://mailman.boum.org/listinfo/tails-dev
I think it is great to have good milestones like this being reached before working on more complex use cases. Shipping virtualization would be a big and useful milestone.

I am also researching QEMU.

I have a question about VirtualBox: as adrelanos said, host-only networking requires both the vboxnetadp and vboxnetflt kernel modules to be inserted. Does this mean VirtualBox will never support host-only networking without also allowing the amnesia user to bypass the iptables rules enforcing Tor-only network access (without Oracle changing VirtualBox, or us editing the kernel modules ourselves)?

QEMU appears, by default, not to require any kernel modules, and to use NAT-like networking, which should not bypass the iptables Tor enforcement. With QEMU it looks like network access can be controlled more for a non-root user.

I will research QEMU more and post back.
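The following is an added example for this thread, not code from Tails, VirtualBox or any poster. It turns the two points above into something you can run on a host: first, which VirtualBox networking modules are loaded and, given the dependency described above (bridged needs vboxnetflt; host-only needs vboxnetflt and vboxnetadp), what adapter types that makes possible; second, a modprobe fragment that refuses to load them; third, a QEMU command line that uses user-mode (slirp) networking, which needs no kernel module and whose traffic leaves the qemu process's own sockets, so it is subject to the host's iptables owner-match rules like any other process of that user. The module names are taken from the thread; the lsmod listing at the bottom is constructed sample input, not captured from a real machine.

```shell
#!/bin/sh
# Added example (not Tails or VirtualBox code). Assumes the module names
# vboxnetflt / vboxnetadp as discussed on the list.

# Classify VirtualBox guest-network capability from `lsmod` output on stdin.
# Prints one of: bridged-and-host-only, bridged-only, adp-only, none.
# Rationale: vboxnetflt alone enables bridged adapters (which pass guest
# frames below the host firewall); host-only additionally needs vboxnetadp.
vbox_net_capability() {
    awk '
        $1 == "vboxnetflt" { flt = 1 }
        $1 == "vboxnetadp" { adp = 1 }
        END {
            if (flt && adp)  print "bridged-and-host-only"
            else if (flt)    print "bridged-only"
            else if (adp)    print "adp-only"
            else             print "none"
        }'
}

# Emit a /etc/modprobe.d fragment that keeps both modules out of the kernel.
# "blacklist" only stops automatic loading by alias; the "install ... /bin/false"
# line also makes an explicit `modprobe vboxnetflt` fail.
vbox_net_blacklist() {
    for m in vboxnetflt vboxnetadp; do
        printf 'blacklist %s\ninstall %s /bin/false\n' "$m" "$m"
    done
}

# Build a QEMU command line with user-mode networking for the given disk image.
# restrict=on  : the guest is fully isolated (no host, no outside).
# restrict=off : guest traffic is NATed through sockets owned by the qemu
#                process, so host iptables rules on that user's uid apply.
# The image path is a placeholder supplied by the caller.
qemu_cmd() {
    image="$1"
    restrict="${2:-on}"
    printf 'qemu-system-x86_64 -m 1024 -drive file=%s,format=qcow2 -netdev user,id=n0,restrict=%s -device e1000,netdev=n0\n' \
        "$image" "$restrict"
}

# Constructed sample lsmod output (not from a real host).
SAMPLE_LSMOD='Module                  Size  Used by
vboxnetadp             25280  0
vboxnetflt             27655  0
vboxdrv               460550  2 vboxnetadp,vboxnetflt
e1000e                254433  0'

printf '%s\n' "$SAMPLE_LSMOD" | vbox_net_capability   # bridged-and-host-only
vbox_net_blacklist
qemu_cmd /path/to/guest.qcow2 on
```

On a real host replace the constructed listing with `lsmod | vbox_net_capability`. Note that the blacklist fragment only prevents loading; a root user with the module files present can still `insmod` them directly, which is why the thread's suggestion to not ship the files at all is the stronger control. With `restrict=off`, slirp reaches the host at its default gateway address 10.0.2.2, which is how guest applications could be pointed at a SOCKS port on the host in the setup discussed above; whether that port is reachable still depends on the host's own firewall rules.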
