cbrenton at chrisbrenton.org
Fri Oct 14 14:52:58 GMT 2005
On Fri, 2005-10-14 at 10:10 -0400, John B. Holmblad wrote:
> You might want to recheck the assertions regarding VM software always
> running in ring 0. I am not so sure of that myself.
Depends on the product. For example User Mode Linux will happily run
under a regular user account. Others do require root/system level of
access to function properly.
> Having said that I too have wondered about what kinds of security
> exposures arise from VM systems.
Again, depends on the product as well as the application. There have
been exploits published in the past with different products that permit
a user on an image to break out and gain access to the host system. Of
course if the image is running as a regular user, *and* you've kept
local exploit patches up to date, this is less of an issue.
> Now that Microsoft has gotten into the market with their
> Virtual PC and Virtual Server products we will see even more instances
> of such environments especially since Microsoft markets the concept of
> server virtualization as a way to deal with the long tail of still
> extant servers out there running Windows NT.
The concept is actually pretty cool. For example gone are the worries of
kernel level root kits as they can easily be monitored/detected from the
host system. Of course all this falls apart if the image is not a good