Bugtraq: RE: VMWare poor guest isolation design

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

RE: VMWare poor guest isolation design

From: Arthur Corliss <corliss () digitalmages com>
Date: Mon, 27 Aug 2007 22:22:08 -0800 (AKDT)

On Sat, 25 Aug 2007, Ken Kousky wrote:

I'm trying to understand how the vm actually prevents the buffer overflow
from injecting code that has direct hardware control? It seems that the code
injected into memory should be truly "arbitrary code" based on the physical
machine.


First off, you need to understand what a buffer overflow is -- in most cases
it's not an attack on the hardware, it's an attack on the process.  Which is
usually running in its own protected address space.

In short, vms don't alleviate or protect you from buffer overflows (crap
code is still crap inside of a guest), but running a service in a dedicated
vm versus on a host with other concurrent services reduces the information
leakage should the service be subverted.  That's all.

        --Arthur Corliss
          Live Free or Die

By Date By Thread

Current thread:

Re: VMWare poor guest isolation design, (continued)
- Re: VMWare poor guest isolation design Tim Newsham (Aug 25)
- VMware poor guest isolation design VMware Security team (Aug 30)