Hi Rūdolfs,
On 09.05.2016 12:29, Rūdolfs Bundulis wrote:
Hi,
after looking at the permissions of the VirtualBox binaries do I
understand correctly that I need to do chown root:root <my binary> and
chmod +s <my binary> for this to work (will test this when I get back to
that machine)?
Correct. If you look closely you'll actually notice that the suid root
binaries in our case are pretty small stubs and load the corresponding
.so file which contain the actual code. This is part of the hardening
which makes implementing your own VM executables more tricky (would need
to check which whitelist you would need to add yourself to).
You know that you can trust your code, but VirtualBox in general is
rather paranoid these days.
Klaus
_______________________________________________
vbox-dev mailing list
vbox-dev@virtualbox.org
https://www.virtualbox.org/mailman/listinfo/vbox-dev
