Hi, ade: ping about what follows :)
intrigeri wrote (01 Mar 2013 13:38:05 GMT):
> Hi,
>
> ade wrote (12 Feb 2013 18:59:26 GMT):
>> Steps I did:
>> 1. Install virtualbox
>
> Just FTR, what host OS / version of VirtualBox were you using?
>
>> 2. Modprobe remove the vboxnetflt kernel module
>> 3. Set up various Tails virtual machines to test them out, and ran the
>> do_not_ever_run_me script on all guests and the host machine to try out
>> manual iptables configurations.
>
> Just to be clear, did you reset the firewall rules on the host system
> before or after starting the VirtualBox services and virtual machines?
> (I'm concerned VirtualBox might play with firewall rules on the host,
> e.g. when starting a VM, so this may be worth double-checking.)
>
>> As a result of unloading the vboxnetflt kernel module, virtual machines
>> would not start if they had a host-only networking adapter or a bridge-mode
>> networking adapter attached to them.
>> This is what we expect.
>
> OK.
>
>> With the vboxnetflt kernel module unloaded, the NAT networking mode still
>> functioned correctly, but bridge mode would not. This is good.
>> I did a very basic and quick test of iptables, and with NAT-mode networking
>> enabled, the host iptables firewall was still able to control the virtual
>> machines' traffic.
>> Setting the OUTPUT policy of the host machine's iptables firewall to DROP
>> stopped the guest Tails from sending outbound pings to the host machine's
>> eth0 interface.
>
> Good.
>
>> So it looks like VirtualBox could be shipped without support for bridge
>> networking, or without any networking support at all. In future it looks
>> promising that the NAT mode could be useful to provide the guest OS with
>> Tor access. Lack of vboxnetflt should stop bridge mode and associated
>> leaking from the guest OS if the host iptables firewall is configured
>> appropriately.
>
> Good to know.
>
>> Is there any interest in shipping VirtualBox with bridge mode disabled (or
>> no networking at all) but including a script that only root can run, to
>> enable bridge mode for those that want to use it?
>
> Well, either we are able to support networking without breaking Tails'
> properties, in which case we should just enable it, or we are not
> able to, in which case I'd rather not ship such a script.
>
>> What does everyone think about this?
>
> I'm glad to see progress made on this; even though it's progress
> targeted at the step after the next one, it's motivating! I'm still in
> favor of shipping VirtualBox host software with no networking support
> at all (baby steps!) ASAP, and *then* seeing how we can add
> networking support.
>
> I've tried to summarize the current state of things on
> todo/add_virtualbox_host_software. Help is welcome for the next steps!
>
> Cheers,

--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
_______________________________________________
tails-dev mailing list
tails-dev@boum.org
https://mailman.boum.org/listinfo/tails-dev
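A host-side sanity check for the state ade's test relies on (vboxnetflt not loaded, so bridged and host-only adapters cannot work, and the host iptables OUTPUT policy set to DROP), added here as an example and not code from the thread or from Tails. The function names and the sample `lsmod` / `iptables -S` text are my own constructions; the functions take command output as text so they can be exercised offline.

```shell
#!/bin/sh
# Verify the two host conditions discussed on the list: the vboxnetflt kernel
# module is not loaded, and the iptables OUTPUT chain policy is DROP.
# Functions read command output passed as text (hypothetical helper names).

# $1: output of `lsmod`. Returns 0 if vboxnetflt appears as a loaded module.
vboxnetflt_loaded() {
    printf '%s\n' "$1" | awk 'BEGIN { found = 0 }
        $1 == "vboxnetflt" { found = 1 }
        END { exit (found ? 0 : 1) }'
}

# $1: output of `iptables -S`. Prints the OUTPUT chain policy, or nothing.
output_policy() {
    printf '%s\n' "$1" | awk '$1 == "-P" && $2 == "OUTPUT" { print $3 }'
}

# $1: lsmod text, $2: iptables -S text. Prints one line per check and
# returns 0 only when both conditions hold.
check_vbox_host() {
    rc=0
    if vboxnetflt_loaded "$1"; then
        echo "FAIL: vboxnetflt is loaded; bridged/host-only adapters can attach"
        rc=1
    else
        echo "ok: vboxnetflt not loaded"
    fi
    pol=$(output_policy "$2")
    if [ "$pol" = "DROP" ]; then
        echo "ok: OUTPUT policy is DROP"
    else
        echo "FAIL: OUTPUT policy is '${pol:-unset}', expected DROP"
        rc=1
    fi
    return $rc
}

# Constructed samples (not real captures) covering both outcomes.
LSMOD_BAD='Module                  Size  Used by
vboxnetflt             27800  0
vboxdrv               422000  1 vboxnetflt'
LSMOD_GOOD='Module                  Size  Used by
vboxdrv               422000  0'
IPT_GOOD='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT DROP
-A OUTPUT -o lo -j ACCEPT'
IPT_BAD='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Live use on a host (iptables -S needs root):
#   check_vbox_host "$(lsmod)" "$(iptables -S)"
```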