What’s the actual (real, demonstrable) risk of shared folders in VirtualBox - this should be stated clearly in an Intro section to the VirtualBox Guest Additions page.
Yes, it weakens isolation between host and guest, but what is the realistic attack angle? Guesses:
-
You run some dodgy executable in the VM and it accesses your host with root permissions or inserts malware there?
-
Doesn’t it still have to break out of/breach hypervisor sandbox (they use some unidentified bug to escalate privileges)?
-
Attacker inserts a malicious file and does some social engineering such as replacing the file in that folder with one that looks similar that is malware (which is later shifted to the host)?
-
Copy/paste buffer and keyboard/mouse shared memory etc allow access to the host, meaning if the VM is rooted they can trivially hack your host?
-
General exploits over data channels and shared memory?
-
Attacker uses an escalation bug when having local but unprivileged access to a host to execute arbitrary code within the Linux kernel to gain complete control over the system?
-
Abuses the symlink functionality somehow?
-
All of the above?
Chapter 4. Guest Additions doesn’t mention any major security issues there.
Can’t find any solid references re: security risk, just low quality guesstimates like this:
https://www.reddit.com/r/linux/comments/1k6biq/safety_of_virtualbox_with_shared_folders/
virtual machines - Virtualbox guest additions security issues - Server Fault
And at the moment, we just state in the wiki this functionality is “unrecommended”. TAILS is also vague on the issue (if running TAILS inside VirtualBox), they just say:
https://tails.boum.org/doc/advanced_topics/virtualization/virtualbox/index.en.html
With the shared folders feature of VirtualBox you can access files of your host system from within the guest system.
Make sure to understand the security implications of ?accessing internal hard disks from Tails before using this feature.
Well if that’s the case, then it should be backed up with something solid e.g. CVE references, or some expert bagging out VirtualBox re: their screwing up this functionality badly somehow which poses serious risks.