> adev@???:
>> I have a question about virtualbox as
>> adrelanos said host-only networking requires both the vboxnetadp and
>> vboxnetflt kernel modules to be inserted.
>
> anonym said so. :)
>
My mistake, adrelanos. I really like your multi-machine design of Whonix. I
think since Tails now supports bridges and obfsproxy, someone one day
may implement a hardened firewall CD that runs in front of Tails and
allows only traffic to the bridges the user has specified.
This would stop an attacker from learning the Tails machine's real IP even
if they gained root on the machine, unless they could use a *rare* exploit
against iptables or pf on the firewall machine (or some other attack).
A multi-machine setup may be less coding work for developers than setting
up virtualization, and be more secure.
I have read people asking how to disable bridge adapters in VirtualBox but
enable host-only networking, and I think the answer is no: you cannot
disable bridge adapter functionality in the kernel being available to the
user's uid without altering the VirtualBox source code. I don't have time to
research this fully right now, so I cannot guarantee this answer. I have
asked on the VirtualBox mailing list.
For this reason QEMU may be better for the two-layered virtualized system
goal at
https://tails.boum.org/todo/Two-layered_virtualized_system/
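
The firewall idea in the message above, sketched as an added example (not part of the original post, and not Tails or Whonix code): a shell function that turns a list of bridge IP:PORT pairs into a default-drop iptables-restore ruleset for the machine in front of Tails. The interface names lan0/wan0, the function names and the bridge addresses (documentation ranges) are assumptions.

```shell
#!/bin/sh
# Added example. Interface names and bridge addresses are assumed/constructed.
LAN_IF="${LAN_IF:-lan0}"   # side facing the Tails machine (assumed name)
WAN_IF="${WAN_IF:-wan0}"   # side facing the upstream network (assumed name)

# valid_bridge IP:PORT -> status 0 only for a strict dotted-quad and port 1-65535.
# Leading zeros are refused so no parser can read a field as octal.
valid_bridge() {
    ip=${1%:*}; port=${1##*:}
    [ "$ip:$port" = "$1" ] || return 1            # must split as "host:port"
    case $port in ''|*[!0-9]*|0*|??????*) return 1 ;; esac
    [ "$port" -le 65535 ] || return 1
    rest=$ip.; n=0
    while [ -n "$rest" ]; do
        octet=${rest%%.*}; rest=${rest#*.}; n=$((n + 1))
        case $octet in ''|*[!0-9]*|0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    [ "$n" -eq 4 ]
}

# gen_ruleset IP:PORT... -> iptables-restore input on stdout.
# Every entry is validated before anything is printed (fail closed).
gen_ruleset() {
    [ $# -ge 1 ] || { echo "no bridges given" >&2; return 1; }
    for b in "$@"; do
        valid_bridge "$b" || { echo "rejected bridge entry: $b" >&2; return 1; }
    done
    printf '%s\n' "*filter" \
        ":INPUT DROP [0:0]" ":FORWARD DROP [0:0]" ":OUTPUT DROP [0:0]" \
        "-A FORWARD -i $WAN_IF -o $LAN_IF -m conntrack --ctstate ESTABLISHED -j ACCEPT"
    for b in "$@"; do   # one allow rule per bridge; everything else hits DROP
        printf '%s\n' "-A FORWARD -i $LAN_IF -o $WAN_IF -p tcp -d ${b%:*} --dport ${b##*:} -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT"
    done
    printf '%s\n' "COMMIT" "*nat" ":POSTROUTING ACCEPT [0:0]" \
        "-A POSTROUTING -o $WAN_IF -j MASQUERADE" "COMMIT"
}

# Usage: sh bridge-fw.sh 192.0.2.10:443 198.51.100.7:9001 | iptables-restore
[ $# -eq 0 ] || gen_ruleset "$@"
```

With INPUT and OUTPUT left at DROP the firewall machine itself sends and accepts nothing, so this sketch assumes it is statically addressed.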