[vbox-dev] hardening feature

Michal Necasek michal.necasek at oracle.com
Thu Nov 13 12:34:04 GMT 2014


  Hardening is supposed to protect against a malicious user on the host 
(in other words, privilege escalation). A compromised host is a 
compromised host and there's nothing we can really do about it, but that 
is what hardening is in fact supposed to prevent.

  Hardening is unrelated to guest-to-host (I think that's what you 
meant) escape vulnerabilities.

  Please understand that we are not allowed to talk about details of 
specific vulnerabilities. The CVEs are public and if you want to know 
more, you need to either ask your Oracle support representative or the 
security researchers who reported the vulnerabilities. You won't get 
that sort of information from VirtualBox developers.

  And as for the "Windows security architecture", the less said the 
better. Let's just say that Microsoft started seriously thinking about 
(Windows NT) security about 10 years too late. Securing VirtualBox on a 
Windows host is massively more complex than doing the same on a 
Unix/Linux host due to the underlying OS design, as should be obvious 
from the VirtualBox source code.


      Michal

On 11/13/2014 5:14 AM, Felix morack wrote:
> thanks for the replies.
>
> - yes, i am referring to windows specifically.
> - i am talking about version 4.3.12 as the latest working version
> - specifically i am referring to issues as detailed here:
> https://forums.virtualbox.org/viewtopic.php?f=6&t=64111
> you can find similar threads for all the versions since 4.3.12
>
>
> I can't help but think there is some misunderstanding with the Windows
> security architecture. It seems much of the hardening has been around
> much longer than version 4.3.12, right? Can someone say what the general
> purpose of the hardening thing is? Is it supposed to make more difficult
> the exploitation of host-to-guest escape vulnerabilities? It seems to me
> some of the code is protecting against a compromised *host*? What for?
>
> 2014-11-12 11:18 GMT+01:00 Ramshankar
> <ramshankar.venkataraman at oracle.com
> <mailto:ramshankar.venkataraman at oracle.com>>:
>
>     On 11/12/2014 02:18 AM, Sérgio Basto wrote:
>
>         On Ter, 2014-11-11 at 12:50 +0100, Felix morack wrote:
>
>             Like so many people i am still running 4.12 due to the
>             "hardening"
>             issues.
>
>         what people ?
>
>             yes, i reported a bunch of them back when we first started,
>             and yes i
>             have since tested all versions up to 4.18.
>
>         where  ?
>
>             We are now nearing a point where i cant deploy 4.12 anymore
>             due to
>             formal security regulations, so i have to get serious about
>             this now.
>
>             I am therefore looking for a detailed, technical description
>             of this
>             new 'feature' and why devs think it is necessary.
>
>             Yes, i have the code, but a high level reasoning would be very
>             helpful, especially what has changed with version 4.12.
>             Specifically i
>             am looking for documentation "between" the source code and
>             the manual.
>             Does such a documentation exist in public? Any technical
>             discussion of
>             it perhaps?
>
>             Background is that I am thinking about deploying my own custom
>             build with
>             hardening disabled.
>
>         I remember I have to enable hardening feature on kernel modes
>         (.ko) at
>         some point and hardening feature should be enabled, for security
>         reasons.
>         But I'd like to know what "hardening feature issues" do we have.
>
>
>     Although it's not explicitly mentioned so far, I'm pretty sure the
>     hardening issue being discussed in this thread is regarding
>     hardening on Windows hosts only.
>
>     Also, @ original poster: there is no VirtualBox "4.12" version, are
>     you referring to 4.1.2 or 4.3.12 or something else? (Just for the
>     sake of correctness)
>
>     Regards,
>     Ram.
>
>
>
>         Thanks,
>
>             Which is pretty insane, but there is no chance in hell
>             anything post
>             4.12 ends up even in proximity to systems whose stability i am
>             responsible for.
>
>
>             tb
>
>
>             p.s. does vmware have such a feature? How do they handle it?
>
>
>             _________________________________________________
>             vbox-dev mailing list
>             vbox-dev at virtualbox.org <mailto:vbox-dev at virtualbox.org>
>             https://www.virtualbox.org/__mailman/listinfo/vbox-dev
>             <https://www.virtualbox.org/mailman/listinfo/vbox-dev>
>
>
>
>
>
>




