I experienced something I consider rather disturbing.
I wanted to use the Whonix-Apparmor-profile for VirtualBox. Because some features would’t work (for example VirtualBox wouldn’t connect to the internet) I ran the following command: "sudo aa-logprof ". I’m not an expert in system administration but some of the permissions to read files in my home-folder VirtualBox had asked for really made me raise an eyebrow: It tried to read the folder “Dokumente” (documents in English), than it tried to read a folder containing the German word for secure in its name and it tried to read a file in my home-folder whose title contains the German word for death. Finally it tried to read encrypted files from the “.Private” folder. (In my case the whole home-folder is encrypted but I guess VirtualBox doesn’t know that.)
Except for the documents-folder I created all these folders/files myself. They are by no means system- or configuration-folders nor folders I store virtual machines in or adviced VB to use in its settings.
Is there any plausible explanation why VirtualBox wants to read those files? I think it’s quite remarkable that all folder/file-names VB was interested in contain certain keywords.
I used the current deb-package for Ubuntu Xenial 64-bit for installation. That would be: virtualbox-5.1_5.1.16-113841~Ubuntu~xenial_amd64.deb.
It might be interesting to see if this behaviour is reproducable.
If there should be a logical explanation and no reason to worry at all I apology in advance for any anxiety or inconvenience this post might cause.
All the best and thanks for a great piece of software to the developers.