I experienced something I consider rather disturbing.
I wanted to use the Whonix-Apparmor-profile for VirtualBox. Because some features would’t work (for example VirtualBox wouldn’t connect to the internet) I ran the following command: "sudo aa-logprof ". I’m not an expert in system administration but some of the permissions to read files in my home-folder VirtualBox had asked for really made me raise an eyebrow: It tried to read the folder “Dokumente” (documents in English), than it tried to read a folder containing the German word for secure in its name and it tried to read a file in my home-folder whose title contains the German word for death. Finally it tried to read encrypted files from the “.Private” folder. (In my case the whole home-folder is encrypted but I guess VirtualBox doesn’t know that.)
Except for the documents-folder I created all these folders/files myself. They are by no means system- or configuration-folders nor folders I store virtual machines in or adviced VB to use in its settings.
Is there any plausible explanation why VirtualBox wants to read those files? I think it’s quite remarkable that all folder/file-names VB was interested in contain certain keywords.
I used the current deb-package for Ubuntu Xenial 64-bit for installation. That would be: virtualbox-5.1_5.1.16-113841~Ubuntu~xenial_amd64.deb.
It might be interesting to see if this behaviour is reproducable.
If there should be a logical explanation and no reason to worry at all I apology in advance for any anxiety or inconvenience this post might cause.
All the best and thanks for a great piece of software to the developers.
Thanks for the answers. I did this on my host system which is running Ubuntu. I know I should have rather used the Ubuntu repositories for installation. But since I don’t only use VB for Whonix but also run a couple of Windows guests I wanted to use the latest version because the virtualisation has improved a lot lately.
The more I think about it the creepier it gets. I hardly see how this could have a harmless explanation. Still stating what happened on the VB forum is probably a good idea. Maybe the people over there or the developers can clear this up in some way. I’ll leave a link here as soon as I find the time to post in the forum.
(Made some minor changes to the first post.)