On 14-10-2011 19:10, aep wrote:
On Linux systems, you
can either run everything as root, or make a call to RTR3InitAndSUPLib
(in VBoxXPCOMC.so) as root and then drop privileges and set up the VM.

which has a hardcoded list of binaries that are allowed to run.
If you touch that, then you have to recompile SVC.

I've documented this (an alternative frontend in C#/.Net for Windows
and Linux) on my blog: http://wp.ufo-net.nl/tag/virtualbox/ - where
you can also find a link to my source code.

That sounds promising, but how did you solve the security thingy problems?
Do you just make every user recompile everything?

No. The code is started as root (suid bit set), calls RTR3InitAndSUPLib (which apparently has no checks when run as root), and then drops privileges. In my case, the call to RTR3InitAndSUPLib could be made either from the C# application (before dropping privileges) or, more securely, from a wrapper application that calls RTR3InitAndSUPLib and then drops privileges and loads the actual program.

The RTR3InitAndSUPLib function is, as far as I know, not part of the official API, but is exported nevertheless. The source code for the wrapper application is at http://oss.ucis.nl/hg/vboxdotnet/file/a7650e26195f/VBoxFrontend/VBoxMono.c, and is linked against VBoxXPCOMC.so (although you could probably resolve the symbol at run time). I think you cannot use exec() in the wrapper, since some handle is opened with the close-on-exec option.

--
Ivo
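
The wrapper pattern described in this message (privileged init, then a permanent privilege drop, with the handle staying in-process rather than crossing an exec()), sketched as an added example that is not taken from the post or from the vboxdotnet source. `privileged_init()` is a hypothetical stand-in for the RTR3InitAndSUPLib call, whose signature the thread does not show, and the `/dev/null` descriptor is a constructed substitute for the real handle.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1            /* exposes setgroups() on glibc */
#endif
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for the step that needs root. It returns a
 * descriptor marked close-on-exec, as the post suspects the real one is. */
static int privileged_init(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0 && fcntl(fd, F_SETFD, FD_CLOEXEC) < 0) { close(fd); return -1; }
    return fd;
}

/* 1 if exec() would close fd, 0 if it would survive, -1 on error. */
static int closes_on_exec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    return flags < 0 ? -1 : (flags & FD_CLOEXEC) != 0;
}

/* Permanently drop from effective root to the invoking (real) user.
 * Order matters: supplementary groups, then gid, then uid. 0 on success. */
static int drop_privileges(void)
{
    uid_t uid = getuid();
    gid_t gid = getgid();
    /* Only a true setuid-root start has inherited root's groups to shed. */
    if (geteuid() == 0 && uid != 0 && setgroups(1, &gid) != 0) return -1;
    if (setgid(gid) != 0) return -1;
    if (setuid(uid) != 0) return -1;  /* with euid 0 this also resets the saved uid */
    /* Verify the drop: any way back to root means it was not permanent. */
    if (uid != 0 && (setuid(0) == 0 || seteuid(0) == 0)) return -1;
    return (geteuid() == uid && getegid() == gid) ? 0 : -1;
}

int main(void)
{
    int fd = privileged_init();
    if (fd < 0 || drop_privileges() != 0) {
        fprintf(stderr, "init or privilege drop failed\n");
        return 1;
    }
    printf("euid=%d, handle fd=%d closes on exec: %d\n",
           (int)geteuid(), fd, closes_on_exec(fd));
    return 0;   /* the real frontend would be loaded in-process from here */
}
```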
