Bug#585951: virtualbox-ose: should not be set suid

2010-06-15 Thread Frank Mehnert
You are correct that these binaries are suid root but your deduction is wrong. These binaries need access to a kernel interface which is provided by the VirtualBox kernel modules. This interface can be used to harm the complete machine including the kernel. So the access to this interface must be

Bug#585951: [Pkg-virtualbox-devel] Bug#585951: virtualbox-ose: should not be set suid

2010-06-15 Thread Michael Gilbert
On Tue, Jun 15, 2010 at 09:04:34AM +0200, Frank Mehnert wrote:
> You are correct that these binaries are suid root but your deduction is wrong. These binaries need access to a kernel interface which is provided by the VirtualBox kernel modules. This interface can be used to harm the complete machine

Bug#585951: virtualbox-ose: should not be set suid

2010-06-14 Thread Michael Gilbert
package: virtualbox-ose
severity: important
tags: security

the following virtualbox binaries have the suid bit set. this is a poor practice from a security perspective.

/usr/lib/virtualbox/VBoxNetAdpCtl
/usr/lib/virtualbox/VBoxNetDHCP
/usr/lib/virtualbox/VirtualBox
/usr/lib/virtualbox/VBoxSDL