On 04/10/2017 06:45 AM, Klaus Espenlaub wrote:
Hi Larry,
On 09.04.2017 20:35, Larry Finger wrote:
The openSUSE change log for VB 5.0.20 contains the line "* NAT Network:
File VBoxNetNAT no longer requires suid". (See
https://lists.opensuse.org/opensuse-updates/2016-06/msg00002.html) I am
not able, however, to find the corresponding line in the Oracle version
of the changelog at https://www.virtualbox.org/wiki/Changelog-5.0.
Because it doesn't exist. From what I can tell this change will simply sabotage
NAT Network.
For doing its job VBoxNetNAT needs to connect to an internal network, and that's
only possible (when hardening is in effect, which it should be on all serious
packages) if it's suid root.
Does anyone have any recollection of changes in suid for
/usr/lib/virtualbox/VBoxNetNAT? My problem is that NATNetwork mode does
not work unless I set suid for that file. I'm wondering if there is some
other problem with the spec file that openSUSE is using to build our RPM.
Wonder if the error symptoms are too subtle, tricking the openSUSE package
maintainer into thinking suid is optional in this case. It's not.
Klaus,
Thanks. I thought that was the case, but now I'm sure.
Larry
_______________________________________________
vbox-dev mailing list
[email protected]
https://www.virtualbox.org/mailman/listinfo/vbox-dev
