Le 1 sept. 2014 à 11:03, Daniel Pocock <[email protected]> a écrit : > In the default deployment of a VDI, the VDI (or equivalent file) is > readable and writeable by the UNIX user running VirtualBox > > For people using iSCSI, the iSCSI credentials are stored in a > configuration file that is readable by the UNIX user who runs VirtualBox > > In both cases, this means that the UNIX user can modify the raw VDI > filesystem contents, possibly modifying scripts that would run with root > privileges or just breaking the VDI in some way that requires extra > support effort. > > Is there any way to have the VDI file or settings owned by a system user > (e.g. a user called vbox) such that they would only be accessible to the > hypervisor and the user can only interact with the VM through the GUI?
That’s true but not only for a unix user. You can do everything you wrote on
Windows also.
On a *nix OS you can play with ACL rules and/or with a specific user to
virtualbox users and a sudo configuration. But, if the user know that, he can
also modify the VDI file with a … sudo command on host OS. You can also use a
specific command which play virtualbox with specific rights….
--
Pierre Malard
« Il faut créer en même temps les élites et les débouchés, le syndica-
lisme et les usines. Faire l'un sans l'autre, c'est travailler pour le
malheur du peuple. »
Romain Gary - "Les racines du ciel"
|\ _,,,---,,_
/,`.-'`' -. ;-;;,_
|,4- ) )-,_. ,\ ( `'-'
'---''(_/--' `-'\_) πr
perl -e '$_=q#: 3|\ 5_,3-3,2_: 3/,`.'"'"'`'"'"' 5-. ;-;;,_: |,A- ) )-,_. ,\
( `'"'"'-'"'"': '"'"'-3'"'"'2(_/--'"'"' `-'"'"'\_):
24πr::#;y#:#\n#;s#(\D)(\d+)#$1x$2#ge;print'
- --> Ce message n’engage que son auteur <--
signature.asc
Description: Message signed with OpenPGP using GPGMail
------------------------------------------------------------------------------ Slashdot TV. Video for Nerds. Stuff that matters. http://tv.slashdot.org/
_______________________________________________ VBox-users-community mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/vbox-users-community _______________________________________________ Unsubscribe: mailto:[email protected]?subject=unsubscribe
