Hi I am testing Centos 5 para-virtualization and noticed one possible security problem.
In short: any user on the system can gain root access to the virtual machine without root passwd.
0. Base System (Domain-0) is Centos x64 with Virtualization kernel installed.
A para-virtualization guest (also CENTOS 5 x64, let's call it Domain-1) has been installed on
the system and works properly.
1. Login as 'root' to GNOME desktop of Domain-0, click menu Application - System Tools - Virtual Machine Manager,
Now you will see your guest Domain-1 is listed in the 'Virtual Machine Manager' Window.
Double click Domain-1 in the list, 'Domain-1 Virtual Machine Console' is now opened.
Now you have login screen, let's Login as 'root' into Domain-1.
Now close the 'Domain-1 Virtual Machine Console' window (without logout).
Logout 'root' from Domain-0 (from menu System - Log Out Root).
2. Now Login as 'any-user' to desktop of Domain-0, click menu Application - System Tools - Virtual Machine Manager,
Now you will see your guest Domain-1 is running in the 'Virtual Machine Manager' Window.
Double click Domain-1 in the list, 'Domain-1 Virtual Machine Console' is now open, WHAT, ROOT is still logged in
on Domain-1, as 'any-user' on the system (domain-0), you are now can do anything to domain-1 as root.
Is this a feature or problem!!
Possible Security problem of Virtualization
-
- Posts: 10642
- Joined: 2005/08/05 15:19:54
- Location: Northern Illinois, USA
Possible Security problem of Virtualization
Basically, you left the room with your terminal logged in as root.
What else would you expect?
What else would you expect?